General
Target: file.exe
Size: 7.3MB
Sample: 220925-bjc8zacfc5
MD5: eca73c15c1809fd6726daa4d0deebc33
SHA1: 4c42cb044533473e07102ead72183ead0cbb3d27
SHA256: 9e70618bd17d25950a53fd9c2b83f20b19fdbf7ebfe34b016ec55e6b327279eb
SHA512: a79022aad4a39b84b269aacd216aae729dff4178858e0c57c3ec838b500214b4320ba37acdc0ea6f40b12b92039a187d6be5309eca3d75bc50ab8a3b1804beb9
SSDEEP: 196608:91O8fM8am3U1EswGUfjl1HkPiEQ80iPe/AmcqrVy39MvrT1W:3OKFamYwGEjl1EPi6tq0avs
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Targets
Blocklisted process makes network request

Executes dropped EXE

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Drops Chrome extension

Drops desktop.ini file(s)

Drops file in System32 directory