General
-
Target
a9652a92f142b4d3ba8735e9bbf57b3cf6cd323a6381537f9966efd49d048af7
-
Size
634KB
-
Sample
221108-pfj41ahdcl
-
MD5
c672f899bc683144d51647f8195e4e34
-
SHA1
58bd52a655f69140985f81db6403d9714f5a0fe5
-
SHA256
a9652a92f142b4d3ba8735e9bbf57b3cf6cd323a6381537f9966efd49d048af7
-
SHA512
efa7964fe34a8d1f6ae76583a813ac6637634a935651f4debb0db18d7815cb0a83570539dcc4bbe82bdb9075f612baf3c8a683392ee3a35287faabbd6750b86d
-
SSDEEP
12288:3SCnuZuB8YTKLgt99WX3Sg+qnsMpUrYdZwwmKI6wa6To4gORkAWTos9:3TuZA8iR9syOjZOa6To6kD19
Static task
static1
Behavioral task
behavioral1
Sample
Arrival Notice 00054625367523225.jar
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Arrival Notice 00054625367523225.jar
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
Arrival Notice 00054625367523225.jar
-
Size
634KB
-
MD5
fa64690dda2484a48fc86411efbb2d43
-
SHA1
064b7ed248714ad406e408c3d8f3381023e9fa64
-
SHA256
e2e2f25cbf2bdf82ebd9cb9c7fd157b60537e606b10c85d4955d6460c93d037e
-
SHA512
a2b3bba43a9967609ee016a5ae0c854db2f0d9c02733a83e2b5a7249e66a4c62deb20977f199a669f92a7b9947285e036f685b3c5db82137d35cd9fcff185fdd
-
SSDEEP
12288:oSCbuX8B8YhKLgB/nWX3MgwqnEMN6ZYjpOwIKI0Ua6Bi4IOtQAITk:ofuXS8wN/WsGPHGa6BioQ7Y
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-