General
-
Target
5f331dedb2f42339dc2c63c37cbe0ad6c08284321dbd55e63ea962c34047c467
-
Size
421KB
-
Sample
221011-lafmvafgd3
-
MD5
49db6b31edf8467024dd179caa0ef443
-
SHA1
90feaac57268b744f6c4d241d0bcd0d9946f3159
-
SHA256
5f331dedb2f42339dc2c63c37cbe0ad6c08284321dbd55e63ea962c34047c467
-
SHA512
b285d5bc00917b1138e54f87209b10b46696f421a1e491b8f9c8e5949831cfdd1ff153582c2148a2e1594e06dc98ba84e91b6e7539539abd03d341045dcc159a
-
SSDEEP
12288:LK3D4laCy90VxQsrlxrj3pbJrnGV5aj9:iVCy2xQsrPrj3BZGHa
Static task
static1
Behavioral task
behavioral1
Sample
5f331dedb2f42339dc2c63c37cbe0ad6c08284321dbd55e63ea962c34047c467.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
5f331dedb2f42339dc2c63c37cbe0ad6c08284321dbd55e63ea962c34047c467
-
Size
421KB
-
MD5
49db6b31edf8467024dd179caa0ef443
-
SHA1
90feaac57268b744f6c4d241d0bcd0d9946f3159
-
SHA256
5f331dedb2f42339dc2c63c37cbe0ad6c08284321dbd55e63ea962c34047c467
-
SHA512
b285d5bc00917b1138e54f87209b10b46696f421a1e491b8f9c8e5949831cfdd1ff153582c2148a2e1594e06dc98ba84e91b6e7539539abd03d341045dcc159a
-
SSDEEP
12288:LK3D4laCy90VxQsrlxrj3pbJrnGV5aj9:iVCy2xQsrPrj3BZGHa
-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-