General
Target: file.exe
Size: 7.2MB
Sample: 220924-vsjxnadabj
MD5: aa638206a4f0a6eebc941a99dfc93ab3
SHA1: 9c4ceaec67709faf87ac6d8a30441f9988734122
SHA256: d01f3e7e7c6bd0874627528520efaccb0648156d19701c6a21089ce52f0d6924
SHA512: db4c8a413f3a309cd0f4773a6ee2718c096a3067b6480c9cde3bd3d60ebdc75414d0b557ae6224987b4e6038c591110f4e20f2e4db2e7fb0f9a924b1d634ce08
SSDEEP: 196608:91OPdOApBzZl69uS3cHAqhkHG6BA8MH+pCYYkeE2LGI/:3OPcQKqhvUvMH+pzYQc/
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Targets
- Blocklisted process makes network request
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up the country code configured in the registry, likely for geofencing.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops Chrome extension
- Drops desktop.ini file(s)
- Drops file in System32 directory