General
Target: 0x00060000000142ab-152.dat
Size: 1.0MB
Sample: 220806-q34ycsfcep
MD5: e44b6cb9e7111de178fbabf3ac1cba76
SHA1: b15d8d52864a548c42a331a574828824a65763ff
SHA256: c74894fe98864ade516c9e54f2258a23ed451feadfa2de53a7c626385b549b22
SHA512: 24129e1de024d61bcc23654450f416307be3e7911de2baced47476e02cd7df737ce012f379eb0ea5d84367113619f53d6a80971ccc652a569d6b494150bbb6bf
Behavioral task
behavioral1
Sample: 0x00060000000142ab-152.exe
Resource: win7-20220715-en
Malware Config
Targets
Target: 0x00060000000142ab-152.dat
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
  Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.