General
-
Target
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430
-
Size
34KB
-
Sample
221029-yjnq2acec6
-
MD5
a3526a2d7f883651152991ee56bb1e24
-
SHA1
d0238cdbe3176cd05225fff7ef26a0055b6e57b6
-
SHA256
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430
-
SHA512
7ddbeb1a6b3e103d13dd3a5cc4848b64662635f1a9b500c43b1c9816e3504c5421cf38561694b8110b604518de1a727be105d22529064f2e26956dcbe04dbfe5
-
SSDEEP
384:LLTcHxgGK39CIKgOJQ8hAldtqoi8meQs8zT2sbOkRLT9npzl+1PiXzn5gf1kz4uQ:f8pK3s4xTFQlasJpMqXn4uH/+kSv
Static task
static1
Behavioral task
behavioral1
Sample
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
Protocol: smtp- Host:
smtp.gmail.com - Port:
587 - Username:
[email protected] - Password:
3012961595
Targets
-
-
Target
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430
-
Size
34KB
-
MD5
a3526a2d7f883651152991ee56bb1e24
-
SHA1
d0238cdbe3176cd05225fff7ef26a0055b6e57b6
-
SHA256
25cb8974a265a7952e01ab74d1ecea30435a01aeed482b934cba66c2d1347430
-
SHA512
7ddbeb1a6b3e103d13dd3a5cc4848b64662635f1a9b500c43b1c9816e3504c5421cf38561694b8110b604518de1a727be105d22529064f2e26956dcbe04dbfe5
-
SSDEEP
384:LLTcHxgGK39CIKgOJQ8hAldtqoi8meQs8zT2sbOkRLT9npzl+1PiXzn5gf1kz4uQ:f8pK3s4xTFQlasJpMqXn4uH/+kSv
Score10/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-