General
-
Target
df830756b173bc76343634c2600054b1fcaa5ee3ccbb2f534f22049edcc045d4
-
Size
246KB
-
Sample
220625-gejg3sade8
-
MD5
d1f2ab77ca6038dfb5d09fcf67ab1b12
-
SHA1
982d9cdb8320861c533986eb6d2c3ac789f4d676
-
SHA256
df830756b173bc76343634c2600054b1fcaa5ee3ccbb2f534f22049edcc045d4
-
SHA512
69487443c457e8bb9f2ba8707c418b3f2a210d25014991d5a22e40a9b61824bc9f8395e1427d38843876f47236cb4dc74efc1494d25ecaad6e570ce6059ab166
Static task
static1
Behavioral task
behavioral1
Sample
df830756b173bc76343634c2600054b1fcaa5ee3ccbb2f534f22049edcc045d4.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Target
df830756b173bc76343634c2600054b1fcaa5ee3ccbb2f534f22049edcc045d4
-
KPOT Core Executable
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic on the DNS port was detected going to servers other than the configured DNS servers.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-