General
-
Target
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb
-
Size
84KB
-
Sample
220621-ysybtseef2
-
MD5
89b7defee5ecdd6bb698973fefcb81d1
-
SHA1
f7a83e609292ee91ece8b6e841648b7f867d6b3f
-
SHA256
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb
-
SHA512
dd3e4e7e9378958315bfc50fa7fb83c284982615a1d31d1964661dc033a19abd618dd0cb11439b76b1f683d60757dbf969f2a1a4673718e818fda1d47691d466
Static task
static1
Behavioral task
behavioral1
Sample
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb
-
Size
84KB
-
MD5
89b7defee5ecdd6bb698973fefcb81d1
-
SHA1
f7a83e609292ee91ece8b6e841648b7f867d6b3f
-
SHA256
2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb
-
SHA512
dd3e4e7e9378958315bfc50fa7fb83c284982615a1d31d1964661dc033a19abd618dd0cb11439b76b1f683d60757dbf969f2a1a4673718e818fda1d47691d466
Score8/10-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Creates a Windows Service
-
Drops file in System32 directory
-