General
-
Target
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c
-
Size
451KB
-
Sample
221123-aes8ysdg28
-
MD5
c10e6df6488b413f264e96b628a1b1ee
-
SHA1
65f368d406b874e1f1d9a4bffc38a9969bc9c413
-
SHA256
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c
-
SHA512
ed20ab6e0432c3657cebe2e49892481b61be11b2db171e3e22bcf55a959c6c4178e04f5af8a9abae5de65bfe95d0c5de17ea886710ea8b646679d0dcb5c2fed6
-
SSDEEP
12288:pK2mhAMJ/cPlFhaVqrZAcxGBu/WdyQuIk:I2O/GlFYYAIGBu+g
Static task
static1
Behavioral task
behavioral1
Sample
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c
-
Size
451KB
-
MD5
c10e6df6488b413f264e96b628a1b1ee
-
SHA1
65f368d406b874e1f1d9a4bffc38a9969bc9c413
-
SHA256
bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c
-
SHA512
ed20ab6e0432c3657cebe2e49892481b61be11b2db171e3e22bcf55a959c6c4178e04f5af8a9abae5de65bfe95d0c5de17ea886710ea8b646679d0dcb5c2fed6
-
SSDEEP
12288:pK2mhAMJ/cPlFhaVqrZAcxGBu/WdyQuIk:I2O/GlFYYAIGBu+g
Score10/10-
Detected phishing page
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-