General
Target: 3435f5289acb0e81ac336c58a4e7889acb3bd4a6e5f1fbaee1c98d5cdecf7216
Size: 1.9MB
Sample: 220619-18hbnagfb2
MD5: 9ca48260d3b65c551acc59f1c8264368
SHA1: ea4e90eed1c9d65e59e0711dea5005c18f2dedff
SHA256: 3435f5289acb0e81ac336c58a4e7889acb3bd4a6e5f1fbaee1c98d5cdecf7216
SHA512: 2eaa17ae0ed3fe1e52bb9b05aa620e64f3fb0ac54312a752a52353710cb6b612d790da70e37831d628840a57b931d54c08114b757b0bfaee15d0f17d31f07ee9
Static task: static1
Behavioral task: behavioral1
Sample: 3435f5289acb0e81ac336c58a4e7889acb3bd4a6e5f1fbaee1c98d5cdecf7216.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
http://www.allinfo.pw/
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-