General
-
Target
dfc2f935f757c708c388d7fe0bf14c97af5e9e53b13b3944225e803232647305
-
Size
58KB
-
Sample
221124-avgvvsfd39
-
MD5
25f4773820efe20baf6a06471701bbb0
-
SHA1
9ee7e516d27b8d1e9a3cd73285c9e548f8678b44
-
SHA256
dfc2f935f757c708c388d7fe0bf14c97af5e9e53b13b3944225e803232647305
-
SHA512
98b092a46dbf0ec1a98395d1130c1fa1aecf36234fb015a46d32182767a7101510d04c76fb0f44838dfb99e2fa5f809c20f305ffe441c6b1528594ea1f23946a
-
SSDEEP
768:6pUt1E/8mS+amkLFRccny45nHguULyEfq+NfAR3b3rI3k0pYD60a2nBdv2tEvP:6pO1Ek93yAgfGUt23brI3k0Q6F6dUGP
Static task
static1
Behavioral task
behavioral1
Sample
dfc2f935f757c708c388d7fe0bf14c97af5e9e53b13b3944225e803232647305.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
dfc2f935f757c708c388d7fe0bf14c97af5e9e53b13b3944225e803232647305.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
dfc2f935f757c708c388d7fe0bf14c97af5e9e53b13b3944225e803232647305
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-