General
-
Target
d3111ef723270c40dab97ad181909147d93327de606d52efeb455e9e5708e03c
-
Size
821KB
-
Sample
221002-2fr6tsddh9
-
MD5
057545d635aad6ca2bfdc05b35ae17bf
-
SHA1
95284d4df2cd1a4bee2d23a5acd33ba72977242d
-
SHA256
d3111ef723270c40dab97ad181909147d93327de606d52efeb455e9e5708e03c
-
SHA512
3f9adc1e04e6690f02c32b39f51b44a9549e8b3ca0048a55c6b82d7a95f430aae3575e6cb5f140c149d60e23788fa14d1cfea4a2cffd8e558e84eb5e4285fc54
-
SSDEEP
12288:whkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4aNcdjRfxIq7N:4RmJkcoQricOIQxiZY1iaUJxJN
Static task
static1
Behavioral task
behavioral1
Sample
d3111ef723270c40dab97ad181909147d93327de606d52efeb455e9e5708e03c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d3111ef723270c40dab97ad181909147d93327de606d52efeb455e9e5708e03c.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
d3111ef723270c40dab97ad181909147d93327de606d52efeb455e9e5708e03c
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-