General
-
Target
424bf793a469e012db0796188ae9504e.exe
-
Size
10.0MB
-
Sample
220921-bacwvaefh8
-
MD5
424bf793a469e012db0796188ae9504e
-
SHA1
a50d7021d32091535d590e90840e2e837727d2f9
-
SHA256
9b880018e90051fda535402a112e213721f5b45ffe85341b41f99954487c8bf3
-
SHA512
088485d114a37f89b3bf3971057cbf988faf91cf030c0204d3c8fd8fef1e0b009a488ac151ad729e5a5691f07b61d13232087d2977a7249a3457b0734869db38
-
SSDEEP
768:VeXApxi6glon9fUwPYhVG3WGwHQ0b8sfKjhUt7jOjmL0wx:VewpFxsH7b8sCjhG76iAwx
Static task
static1
Behavioral task
behavioral1
Sample
424bf793a469e012db0796188ae9504e.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Target
424bf793a469e012db0796188ae9504e.exe
-
Async RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-