General
-
Target
32-0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.zip
-
Size
53KB
-
Sample
221013-qx8pcsfhh2
-
MD5
4f1543f1be65629f7100fad37175423d
-
SHA1
161cb74573df95bda273ee4f7c255e444684355e
-
SHA256
b94ed5c46122b43af7214024068ec2f8df77fb2cc67d84ab6ad4dc7c0fedfaa6
-
SHA512
39d174c7b00dcb441c24818cb2b2fd37ada8454c8507876c4caa02bb1c23f906e565ef6423d5d24d3cbd46495d3639b314381370834315f840440fa43f36a5d6
-
SSDEEP
1536:JLZMyLhxZg0RjBXm5MPQHkA0gIkmRrnArNSYR2uye5r1C:Jeyjq0LXTEaptSEYzxr1C
Static task
static1
Behavioral task
behavioral1
Sample
32-0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.zip
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
32-0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.zip
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.js
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.js
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
32-0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.zip
Score 1/10
-
-
Target
0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4.js
-
Size
115KB
-
MD5
e873a424159d2557551d0f4684af7a5f
-
SHA1
7dfcc66a95100143fae12531151355d2016718f0
-
SHA256
0d5a587f0c1dcff512f6112ee48859608db08307aa39887cc71480998d7070d4
-
SHA512
b8c9845734a0ec5c5d2e572b34df59baa1520fc12ca0f3377b0c5fff65239e08d876b39aac57c3a53138583d6c5c7cb6c2d181d8f46f962c4fe42b27106f9660
-
SSDEEP
3072:coUKfH3YLgmM4ZmXYYrNzrLrSEhJU4G0p3:coUKfH3YLM4Y/xzrLfr
Score 10/10
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-