General
-
Target
Holland-America-Donation-Request-Form.exe
-
Size
274.0MB
-
Sample
220617-qhnqmseeh8
-
MD5
761b643ce4867014456b331b1a251dc3
-
SHA1
52685157be543065f34a7ec9eb8519c9b1855a59
-
SHA256
6d1a637ee2263dc7918b886a8a1878fb73a000510bc6f42e0c59669487c46e82
-
SHA512
f30eb357e0dd4eaec8de8bc08ad1a1044340b3fe55856aad68499251eab4bc5d41f422984f213fa173aeb44b3c9b8cbdc8b93780fa337365ac89150fb7fa3451
Static task
static1
Behavioral task
behavioral1
Sample
Holland-America-Donation-Request-Form.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Holland-America-Donation-Request-Form.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
jupyter
http://14,6.70.71.174
Targets
-
-
Target
Holland-America-Donation-Request-Form.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-