General
-
Target
8fe298ced61542daafc4b97db08c385d49bf4ead7e342775f5e7e59c75beb772
-
Size
204KB
-
Sample
221124-ez8xcscb4v
-
MD5
b704a8917354ea328439ab277695c988
-
SHA1
363b180aa6848b1769ee9727d0a567a4204d0dd8
-
SHA256
8fe298ced61542daafc4b97db08c385d49bf4ead7e342775f5e7e59c75beb772
-
SHA512
cc805e50fd2ebdb563f3d75897798062e6733ad62ce23ce21f966595cc4b64bfcbcf192939c2794f6d308c02e8f8bacdc375e0dea4a17fd176b6f49128b7d5af
-
SSDEEP
6144:4XHdo4n52x9lLdVa28IgSQ51VRx4hvd/:4X43VaR/nx2N
Static task
static1
Behavioral task
behavioral1
Sample
8fe298ced61542daafc4b97db08c385d49bf4ead7e342775f5e7e59c75beb772.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
8fe298ced61542daafc4b97db08c385d49bf4ead7e342775f5e7e59c75beb772.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
8fe298ced61542daafc4b97db08c385d49bf4ead7e342775f5e7e59c75beb772
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-