General
Target: 2d1106c065a163fbcef5b60ba5eceb22b75e2024e205c84494319fe1d912cffc
Size: 1.9MB
Sample: 220614-zf3apacben
MD5: 15f72ede1670137cc1be6aa7322cfaf7
SHA1: 39223904b1c8b1a039f7fff34978e2723f2cf684
SHA256: 2d1106c065a163fbcef5b60ba5eceb22b75e2024e205c84494319fe1d912cffc
SHA512: e9922cbea70205943d815c1592895f7e4d3fad97fed1a514ec32e86c711c9eab77b785fc94135c2e2b323e528567580f9a6d3c66f92784690e3c0180cb2b59e1
Static task: static1
Behavioral task: behavioral1
Sample: 2d1106c065a163fbcef5b60ba5eceb22b75e2024e205c84494319fe1d912cffc.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
Targets
-
-
Target
2d1106c065a163fbcef5b60ba5eceb22b75e2024e205c84494319fe1d912cffc
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-