General
-
Target
wrar401.exe
-
Size
4.6MB
-
Sample
220706-ffrpeahabp
-
MD5
75e38ca41d5d7aad3812f23929b8b5f0
-
SHA1
4fd0c5ad493489a9741f8ec41ca4c984158ce39b
-
SHA256
936d435ddbfcaa21c9c701d8472367f0bd7992834e9dda1c8eeebf1b06ad3018
-
SHA512
cca1aa74b6b199a0b6d056686728598a015ef85df6c50aebc19e59b6b43839c3d91a0ea9323210b39bdef1fa852a58e940b099fcd68ea0c67557f7e86ddfb91c
Static task
static1
Behavioral task
behavioral1
Sample
wrar401.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
wrar401.exe
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-