General
-
Target
935ab16af295890d21795edad0e53539110716d9007e8a8dab7fe3d406298b7a
-
Size
844KB
-
Sample
220625-jwzazaccck
-
MD5
bace9540f70e635d99318c7cfa4a6c82
-
SHA1
82decd85f9506ebe210c36d6c0ab9c06365105c6
-
SHA256
935ab16af295890d21795edad0e53539110716d9007e8a8dab7fe3d406298b7a
-
SHA512
ebb076438662bc1a1aca2e75a35f52484cd767282ae29faa1717b323adfc59fa89c95bbd98ecc269605d47d49bf6e5d4c947ed1b4a6dc7411da19cd38a8f1811
Static task
static1
Behavioral task
behavioral1
Sample
935ab16af295890d21795edad0e53539110716d9007e8a8dab7fe3d406298b7a.exe
Resource
win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-