General
-
Target
c9399782497f76cf663bfcaf7cc57eb8f9bb40a12baf104026a882d689e2a587.zip
-
Size
3.7MB
-
Sample
220614-xzx4zadce2
-
MD5
719a430f4887d8f7e26ac1b2cfa38294
-
SHA1
f761ab7229c4562ce639a572060d649f8608974a
-
SHA256
663c452eda97e2568fc244f9062363b1ee8df49bf8edc3f5035c5ed4ae9371a4
-
SHA512
bcdac921353471a9f7c978b32bd15d94c7e900510b7ca9a537f190409cf78f6808b2152bdde647f6dbdb050e5b6cc7ca39c6b9e776e51aae0c5878561d531f56
Static task
static1
Behavioral task
behavioral1
Sample
Holland-America-Donation-Request-Form.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Holland-America-Donation-Request-Form.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
jupyter
http://14,6.70.71.174
Targets
-
Target
Holland-America-Donation-Request-Form.exe
-
Size
274.0MB
-
MD5
761b643ce4867014456b331b1a251dc3
-
SHA1
52685157be543065f34a7ec9eb8519c9b1855a59
-
SHA256
6d1a637ee2263dc7918b886a8a1878fb73a000510bc6f42e0c59669487c46e82
-
SHA512
f30eb357e0dd4eaec8de8bc08ad1a1044340b3fe55856aad68499251eab4bc5d41f422984f213fa173aeb44b3c9b8cbdc8b93780fa337365ac89150fb7fa3451
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-