General
-
Target
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475
-
Size
45KB
-
Sample
221123-vs2sgacg9t
-
MD5
0a55a7fb53951bd641630925954bec57
-
SHA1
a78a373a36add2a44d47aea4659eed74aa67f0b1
-
SHA256
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475
-
SHA512
571fd59005f7e5668d440f02a1f04b600e65be5c9e23bc2d5bb659475fa5526f0927e5a86cb10f6391f55b00295eed43f438c6abbba12f4d6bf6204abef0e8cd
-
SSDEEP
768:E1AuwHyeFo6NPIFAoslbf8eRYLGXdoIFbb5omuKWcbsvwnoT9D88888888888JXD:EOxyeFo6NPCAosxYyXdF5oy3VoKD
Static task
static1
Behavioral task
behavioral1
Sample
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475
-
Size
45KB
-
MD5
0a55a7fb53951bd641630925954bec57
-
SHA1
a78a373a36add2a44d47aea4659eed74aa67f0b1
-
SHA256
4704beb76220f05db53d767ef764256d6ff0831e47b382523aff135e18906475
-
SHA512
571fd59005f7e5668d440f02a1f04b600e65be5c9e23bc2d5bb659475fa5526f0927e5a86cb10f6391f55b00295eed43f438c6abbba12f4d6bf6204abef0e8cd
-
SSDEEP
768:E1AuwHyeFo6NPIFAoslbf8eRYLGXdoIFbb5omuKWcbsvwnoT9D88888888888JXD:EOxyeFo6NPCAosxYyXdF5oy3VoKD
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-