General
-
Target
4963fa87894dd865569851d96619d7ad68595c92857978b7cfca274ac0913850
-
Size
2.7MB
-
Sample
220902-esdsmsgaaq
-
MD5
cbe535e83d1bdb0e2ee627e9963ec92e
-
SHA1
beb701d561634d8ab02354364512baac03f6d80b
-
SHA256
4963fa87894dd865569851d96619d7ad68595c92857978b7cfca274ac0913850
-
SHA512
85c77091d41766aab1f91b990d9c8a3b8ae708b61c6b42bc023147c419d2a4ee0d56d6ce86650bc71f451014063dfd82271bd562a5da87f1ddcf5ef7e94dbf4f
-
SSDEEP
49152:wDN/LQQQsW2Oa+gJH1KmPhtGAiAnPD3D5Cj4HABszcpyoHJPTBotxYAPCQoCsc:moAVPABszcwoH6PCQ
Static task
static1
Behavioral task
behavioral1
Sample
4963fa87894dd865569851d96619d7ad68595c92857978b7cfca274ac0913850.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-