General
Target: 16823e84f79ff25effec71838d5357035e6778623b4b7aa6c8414b143f624e9f
Size: 66KB
Sample: 220630-w836xagbgn
MD5: bbc00ca1bca7f3d143d06f21f17f4750
SHA1: 55a6fe845c048ffdc1f39f6e1e4c61e20539e093
SHA256: 16823e84f79ff25effec71838d5357035e6778623b4b7aa6c8414b143f624e9f
SHA512: df03d0f5d9f7376c3b0834a703cc79c870c60117a2886e5a41b137d4fb505bc68c738be71259845e8df5cb4f076dbcd7954712ac86158cef13fc1e5059438bcd
Static task: static1
Behavioral task: behavioral1
  Sample: 16823e84f79ff25effec71838d5357035e6778623b4b7aa6c8414b143f624e9f.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 16823e84f79ff25effec71838d5357035e6778623b4b7aa6c8414b143f624e9f.exe
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 16823e84f79ff25effec71838d5357035e6778623b4b7aa6c8414b143f624e9f
Score: 10/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application