General
-
Target
b0e800e942bdc047aa69b305a1443df30144663be70481f8f9ad36a61f206170
-
Size
228KB
-
Sample
221124-anpbcseh76
-
MD5
2b163d8ef071a241bc00fb2922f0feee
-
SHA1
d0d66cdb76e5dc5716a9ec1a40790b96a49c351f
-
SHA256
b0e800e942bdc047aa69b305a1443df30144663be70481f8f9ad36a61f206170
-
SHA512
326b1dc5645a2c0f2875ebcef2c20cec569e03dfb4798b62b2ffc2cea0dae8daa944fc5ca574058f6cbddd830db7d91d0833fa79ac19c884e8d486a99a102c05
-
SSDEEP
3072:fmkiX6HOTPI/YXYqqd8MoNrozX+h2RAGCD6fjtQ/MK:fmO3/qqdGrhAeyBQ/F
Static task
static1
Behavioral task
behavioral1
Sample
b0e800e942bdc047aa69b305a1443df30144663be70481f8f9ad36a61f206170.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b0e800e942bdc047aa69b305a1443df30144663be70481f8f9ad36a61f206170.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
b0e800e942bdc047aa69b305a1443df30144663be70481f8f9ad36a61f206170
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-