General
-
Target
ba4df42e0d1da69941a8bd5041978290
-
Size
116KB
-
Sample
221006-y961asaghq
-
MD5
ba4df42e0d1da69941a8bd5041978290
-
SHA1
6dd217c951ec3873aab231d9a31fad5fd0348136
-
SHA256
02ba57277da83afa2a9846d00984d19544ac6c9615e2b6a2a9bea823a11e3527
-
SHA512
df6fbffb59f6c63dece3dc2e62c43bb303a2807038a29e73f60fc04a0d76f3d4b5899c4f9bc5cb5447a02136a967647d12440e63d885b8001b5f2a0403d417d3
-
SSDEEP
768:1XQaa+2MMStZWLeuNXuUKmRPMYvh5jhFgidgOJrpX9XOWPySdypolvx:hQaaMaJN+U1vhth6otkWPTgp25
Static task
static1
Behavioral task
behavioral1
Sample
attachment-2.iso
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
attachment-2.iso
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
IMG-02200001.js
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
IMG-02200001.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
attachment-2
-
Size
76KB
-
MD5
b568921a927e1b1501a4192ff1380623
-
SHA1
06ed2348fc70539ca0aa919a4332df1547c1e60c
-
SHA256
2dcdcb662b8794478bdc0475ac683551be6c510d8796de645ba1a9f2efaf2160
-
SHA512
1203248d55baf953868e5670ed803595a051c128ad74fef58b1be4e1149381793cb94e3141c7e936369d039250910a13546621f48ec95685fb49114386b5b65c
-
SSDEEP
384:8EEVAFXOaE6YD+f0UELie88fbKbPySqewMtYevFSr:8EEKFXOvYMWXZbPVqRuSr
Score 3/10
-
-
Target
IMG-02200001.js
-
Size
14KB
-
MD5
abe454ff73cc47686a8dc9a80d42b764
-
SHA1
a2b1ec806ab1d131aaa736bd6f8825f9bd8e303c
-
SHA256
7fb2e5a6bc97c04d0fab46503ebd49d6b809e04506c06734c9c1e8584059b6a9
-
SHA512
3fda2a1c37880ccfde59c7dc6e94938e51ac3e83b7c79c3a166173318178714ed195b54bc8f66d5a56cda89d23ccc9a958a9dcc0f7f1ef49c00ec3fed1c11330
-
SSDEEP
384:8EVAFXOaE6YD+f0UELie88fbKbPySqewMtYevFSr7:8EKFXOvYMWXZbPVqRuSr7
Score 10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-