General
-
Target
bc8a3f79-94d7-43c5-bf5c-8d164ba1c859.zip
-
Size
221KB
-
Sample
221101-mss7bsbhgk
-
MD5
4f4231ca9e12aafac48a121121c6f940
-
SHA1
7bd217554749f0f3c31957a37fc70d0a86e71fc3
-
SHA256
be604dc018712b1b1a0802f4ec5a35b29aab839f86343fc4b6f2cb784d58f901
-
SHA512
e900e1ad20a64dabba711b74c2892c3063e438a3f57c28565e75a57e908166ec8864efca56bdce4ce8ecbfcbeda2d81e5175237d0882cdb58023b6512d9c7206
-
SSDEEP
6144:fVjsN3XWRCwiZ4s5RAxzuZ8ckpj51OasCVhfBD:ficRCwiZH5REzuGLkohf9
Static task
static1
Behavioral task
behavioral1
Sample
demurest.cmd
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
demurest.cmd
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
documents-9771.lnk
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
documents-9771.lnk
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
demurest.cmd
-
Size
710B
-
MD5
586fe6d361ef5208fad28c5ff8a4579b
-
SHA1
bf4177381235393279e7cdfd45a3fa497b7b8a96
-
SHA256
364d346da8e398a89d3542600cbc72984b857df3d20a6dc37879f14e5e173522
-
SHA512
bb702af1aeba2b2ccf317404f601a61457fee2348a07c55324afee32406a0ab436b49a54eee2500f3620382f066d6912724ba7cb3cf4b4b1ee4997a3a922b8ea
Score: 8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
documents-9771.lnk
-
Size
2KB
-
MD5
51e416c3d3be568864994449cd39caa1
-
SHA1
ee1c5e9f1257fbda3b174d534d06dddf435d3327
-
SHA256
57842fe8723ed6ebdf7fc17fc341909ad05a7a4feec8bdb5e062882da29fa1a8
-
SHA512
020cc070c30e5cf192145056b24198846b9cc856ba001924eb95d439d521cffc5c133f7c8506724a2e53083fb5cd8343945370094ed1e1923ca3e9622526bcd8
Score: 8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-