General
-
Target
file.exe
-
Size
7.2MB
-
Sample
220924-t1cymschhm
-
MD5
58234d5f224f593e3f9fd7fa3e0b080c
-
SHA1
0beb37bfa2b4dfee26f867aba074e463fc03d1cb
-
SHA256
d6a8495804c1f55f3378348b050bb5da2a8a2415a72175169578f75c9ee86cc3
-
SHA512
3000dc8661a25d21c97559a8248d060180c5b3073a04f12168bbc8caabecd5247b787ccf68c25ae6777c7d8f69397353d61725264e01a9d71881ca37bdd11e0d
-
SSDEEP
196608:91OoyDcCSTnoOx6iCoLI1x08B6Co3cgzFkmHVrd:3OrcPTnowRCo3cgCm1rd
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Target
file.exe
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-