General
Target: 347e4533e5bd3ead39b7b282654aec6efa8062e1372c3efacbb5d4dc9b7b1903
Size: 1.9MB
Sample: 220619-zx9q4aceck
MD5: 2211816444b0848dfb1bbd2b4aa241e0
SHA1: af475d9999708b577584cca9d7142efd9a56839c
SHA256: 347e4533e5bd3ead39b7b282654aec6efa8062e1372c3efacbb5d4dc9b7b1903
SHA512: 9fa820e8fa456dd10eacf9f359d40b41679f80ec522256c831ca1fbf0badbce996ab89e71a057d0e5d59a611fdeef7ef8ccd2f2f288a20caa248ff6aba2e2d14
Static task: static1
Behavioral task: behavioral1
Sample: 347e4533e5bd3ead39b7b282654aec6efa8062e1372c3efacbb5d4dc9b7b1903.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
http://www.allinfo.pw/
Targets
Target: 347e4533e5bd3ead39b7b282654aec6efa8062e1372c3efacbb5d4dc9b7b1903
Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.