General
-
Target
ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
-
Size
1.9MB
-
Sample
220625-b38tzsbfd8
-
MD5
f0faa31e557acb4d73a8351ee80b6a3e
-
SHA1
ba4f77d0b7803df4fca1d9b797dbc09b18c6501c
-
SHA256
ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
-
SHA512
afa4c1aaa236d61f5567decd1333c4b120e0b3265f2ce42d22197e30aa6ee11468e68ab6b0e2178809c4331850fa6ee0571ea86bb1315e8e3c92abc8dbc882fc
Static task
static1
Behavioral task
behavioral1
Sample
ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841.exe
Resource
win7-20220414-en
Malware Config
Extracted
socelars
http://www.createinfo.pw/
http://www.allinfo.pw/
Targets
-
-
Target
ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-