General
Target: Boy-Scout-Advancement-Excel-Spreadsheet.exe
Size: 107.6MB
Sample: 221117-t7dthseh95
MD5: b997b48b39e87290faba86584d784354
SHA1: d0755aef2c751f34fc7af18724cbac25355dd145
SHA256: 44573b35155c537eaa49d77bf8251f796f0db00c3e99be315e8e340fb24bdda2
SHA512: e3bd284ab11b965d37c9accb2825bed60c5eb04c2db3bfc192404b21210e8d641106ef7be84c7e2e8f3fdc47831f3f38c0b5270d15cc1fb174159746b474a40b
SSDEEP: 196608:sb3tq/qkMTe5v9OhQ4XPH7tNSdDawF4eEpUgCRNj7AJZQzJ////////////////k:sb9KcOY3vAawF4vpUgCRNPAo8bcJk
Static task
static1
Malware Config
Targets
- Blocklisted process makes network request
- Executes dropped EXE
- Registers COM server for autorun
- Registers new Print Monitor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory