General
-
Target
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46
-
Size
785KB
-
Sample
221003-bzs95aagd3
-
MD5
6f1fd73f65115d25d87c44984cc96ccc
-
SHA1
2b4bbed74ce96ddbc74f31b948d027465c92ee8f
-
SHA256
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46
-
SHA512
6af3c3abd3794a4678ea1e6eebef6f04824941186a9f909a13cad52a62c8f1cb2a8f118976af46c521b754de398cd0a3e55666881bc3204ebb76bc5f8b108dad
-
SSDEEP
12288:NbSlIRDqKlYNAcvib0LKqn5VXky4mvK0DuIGxJ55EeuNgSHBbonvhqMmHH988R:ZS6RevcR4P9Duv75cmSynZqMq
Static task
static1
Behavioral task
behavioral1
Sample
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46
-
Size
785KB
-
MD5
6f1fd73f65115d25d87c44984cc96ccc
-
SHA1
2b4bbed74ce96ddbc74f31b948d027465c92ee8f
-
SHA256
140016ea1772b4873fd10c2d513eee77af669b8f932f88d64a5a7ed8ddc7cd46
-
SHA512
6af3c3abd3794a4678ea1e6eebef6f04824941186a9f909a13cad52a62c8f1cb2a8f118976af46c521b754de398cd0a3e55666881bc3204ebb76bc5f8b108dad
-
SSDEEP
12288:NbSlIRDqKlYNAcvib0LKqn5VXky4mvK0DuIGxJ55EeuNgSHBbonvhqMmHH988R:ZS6RevcR4P9Duv75cmSynZqMq
Score10/10-
Adds policy Run key to start application
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-