General
Target: 396db407c256a9d986e6c9236b138a45a8d036db66fada0986c1de5358fa9875
Size: 1.9MB
Sample: 220625-mlck1aage5
MD5: 20b489eaf040e049a47c082170acc9b8
SHA1: 185eabfdd755f94c8eaa80baed99b5a4e06b3ca2
SHA256: 396db407c256a9d986e6c9236b138a45a8d036db66fada0986c1de5358fa9875
SHA512: 1af4b40a3572aa0fdbd4c8b8cd974d0bff85d5c99203057e09abe222f24fce7e160d2155b8ec3b697bdd2efb65d1701a658c8d0f485ed0461af5a852561a6f3f
Static task: static1
Behavioral task: behavioral1
Sample: 396db407c256a9d986e6c9236b138a45a8d036db66fada0986c1de5358fa9875.exe
Resource: win7-20220414-en
Malware Config
Extracted
socelars
http://www.zhxxjs.pw/Info/
http://www.allinfo.pw/
Targets
Target: 396db407c256a9d986e6c9236b138a45a8d036db66fada0986c1de5358fa9875
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.