General
-
Target
716740c2cffce87b85f16e2fdcba5885
-
Size
116KB
-
Sample
221006-y78q4saec6
-
MD5
716740c2cffce87b85f16e2fdcba5885
-
SHA1
dd2f2d3595d268bcb8ba7dd4ce99a584762ffc55
-
SHA256
30be1dff7ff1ffad8346be27c5a8c2ef900e54b85dc70c4cc1fc1009755746f6
-
SHA512
87eb1acd9237379dc18819eec86ab4f4af781ea39bca32197a719439a7b121f10b412eb11bd794b5f222e5e772bda413cfb8ed78bafeac6698c7569fb5da73bf
-
SSDEEP
768:MPXQYX0o1iw7uNXuUZmRPMYvh5jhFgidgOJrpX9XOWPySdypolvZ:MfQYXD1iwKN+UGvhth6otkWPTgp2h
Static task
static1
Behavioral task
behavioral1
Sample
attachment-2.iso
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
attachment-2.iso
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
IMG-02200001.js
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
IMG-02200001.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
attachment-2
-
Size
76KB
-
MD5
b568921a927e1b1501a4192ff1380623
-
SHA1
06ed2348fc70539ca0aa919a4332df1547c1e60c
-
SHA256
2dcdcb662b8794478bdc0475ac683551be6c510d8796de645ba1a9f2efaf2160
-
SHA512
1203248d55baf953868e5670ed803595a051c128ad74fef58b1be4e1149381793cb94e3141c7e936369d039250910a13546621f48ec95685fb49114386b5b65c
-
SSDEEP
384:8EEVAFXOaE6YD+f0UELie88fbKbPySqewMtYevFSr:8EEKFXOvYMWXZbPVqRuSr
Score 3/10
-
-
Target
IMG-02200001.js
-
Size
14KB
-
MD5
abe454ff73cc47686a8dc9a80d42b764
-
SHA1
a2b1ec806ab1d131aaa736bd6f8825f9bd8e303c
-
SHA256
7fb2e5a6bc97c04d0fab46503ebd49d6b809e04506c06734c9c1e8584059b6a9
-
SHA512
3fda2a1c37880ccfde59c7dc6e94938e51ac3e83b7c79c3a166173318178714ed195b54bc8f66d5a56cda89d23ccc9a958a9dcc0f7f1ef49c00ec3fed1c11330
-
SSDEEP
384:8EVAFXOaE6YD+f0UELie88fbKbPySqewMtYevFSr7:8EKFXOvYMWXZbPVqRuSr7
Score 10/10
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-