General
-
Target
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8
-
Size
47KB
-
Sample
220701-ey7b5sdfd2
-
MD5
541dce93da456fd7830cda46a9d07941
-
SHA1
b08b3bfd5556f18b8c696925146985a86ee72fdd
-
SHA256
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8
-
SHA512
6d2164e340691b2ba8cba81979d7fe403739290a583fdeaee7ead5c9b94bc5e0d025d1943df559e1a01ea2e700aa2513c7ad8bd742524d2370c54d644769a3e2
Static task
static1
Behavioral task
behavioral1
Sample
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8
-
Size
47KB
-
MD5
541dce93da456fd7830cda46a9d07941
-
SHA1
b08b3bfd5556f18b8c696925146985a86ee72fdd
-
SHA256
3b8c6f0033980eed8f86a029be14ff32c32f535c4bdaeb5c5f857236722ac9c8
-
SHA512
6d2164e340691b2ba8cba81979d7fe403739290a583fdeaee7ead5c9b94bc5e0d025d1943df559e1a01ea2e700aa2513c7ad8bd742524d2370c54d644769a3e2
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-