General
-
Target
3909b1f4a50c81478aaffc196dae53fc6c905edfde3e4c725481d2aecfea8d65
-
Size
86KB
-
Sample
220625-wmxr1aeeck
-
MD5
eb1a9bab2d88be9722845fc808ce0a68
-
SHA1
a9ac457e97984eec3350ced0976f5923f56e4f53
-
SHA256
3909b1f4a50c81478aaffc196dae53fc6c905edfde3e4c725481d2aecfea8d65
-
SHA512
f8165a0a287274c8d8345714c4bdb2a9833e96e6f4173d1b164db4dc8912f0c537018a8ee090afcd99eba575121f8ee05501b7baeae3f5aaade6ad9777299ddc
Static task
static1
Behavioral task
behavioral1
Sample
3909b1f4a50c81478aaffc196dae53fc6c905edfde3e4c725481d2aecfea8d65.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3909b1f4a50c81478aaffc196dae53fc6c905edfde3e4c725481d2aecfea8d65.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
10/10
-
GandCrab Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-