General
-
Target
041a4f5c60d5186913c46f9e0b246354f0944b03eb7d61325a60ae338faebbc8
-
Size
97KB
-
Sample
220701-htyqzsafc8
-
MD5
9f16a651f918972eee7be4f19d40bb91
-
SHA1
dd56518e934d22f2e49a12cacc1b0bd7c1ac60a6
-
SHA256
041a4f5c60d5186913c46f9e0b246354f0944b03eb7d61325a60ae338faebbc8
-
SHA512
02eef0bd8d9fbdf0fa0ae2e510fa4069d9f6592926397dd540be66c97c6826ec736e4cdf52e153a313260f4c074cd3404083bcfe98d80ce0054af39b557b52b3
Behavioral task
behavioral1
Sample
041a4f5c60d5186913c46f9e0b246354f0944b03eb7d61325a60ae338faebbc8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
041a4f5c60d5186913c46f9e0b246354f0944b03eb7d61325a60ae338faebbc8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
041a4f5c60d5186913c46f9e0b246354f0944b03eb7d61325a60ae338faebbc8
-
Score
10/10
-
Async RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-