General
Target: c6cd48f5de1003cb893b6bea71fbd0d75e5f54248b6addc69b361dbadba8a7e8
Size: 197KB
Sample: 221002-2pam5sdhd4
MD5: 70aedaea83dda565a6c9cffff0545cb2
SHA1: a194c09140fba4a5e2018e2ae94704422e6d2069
SHA256: c6cd48f5de1003cb893b6bea71fbd0d75e5f54248b6addc69b361dbadba8a7e8
SHA512: 6f966352459ad8de80284cff1e217874376a384999767f72523893ee5e9de86e868fb0dd827a21057985ff952d34402da3e0af62448c4a603d25f4366c266918
SSDEEP: 6144:ACOhduO1WWr3/TuKjAccqVfjoRe+8VAQqo1I6Dp:ACO/TTbrj9VfjooPD
Static task: static1
Behavioral task: behavioral1
Sample: c6cd48f5de1003cb893b6bea71fbd0d75e5f54248b6addc69b361dbadba8a7e8.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: c6cd48f5de1003cb893b6bea71fbd0d75e5f54248b6addc69b361dbadba8a7e8.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: c6cd48f5de1003cb893b6bea71fbd0d75e5f54248b6addc69b361dbadba8a7e8
Score: 8/10
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Adds Run key to start application