General
-
Target
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba
-
Size
447KB
-
Sample
221124-gjg5tafg2w
-
MD5
bcd9539fa9090775c23f4e1e298ce033
-
SHA1
c15a099682c67cae3ed9899156984772ec6319ad
-
SHA256
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba
-
SHA512
75e2030e37f64be5eccbc258ed0c9d6a6b5da1ce02a9436160910a57a56a4a8c211995ff5fe95bb167a61db2372b637347b06fd975355d242c91c51263b7c00e
-
SSDEEP
12288:JHICZ9iSCnm8B/Hw9pVKGCs64DVdZ3+8qFXTjI:JoC7ijwFKlVadZ3+8qNI
Static task
static1
Behavioral task
behavioral1
Sample
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba
-
Size
447KB
-
MD5
bcd9539fa9090775c23f4e1e298ce033
-
SHA1
c15a099682c67cae3ed9899156984772ec6319ad
-
SHA256
ee2b8ac2f371f8171fac539779be1a221532427a737097a522529926885ce5ba
-
SHA512
75e2030e37f64be5eccbc258ed0c9d6a6b5da1ce02a9436160910a57a56a4a8c211995ff5fe95bb167a61db2372b637347b06fd975355d242c91c51263b7c00e
-
SSDEEP
12288:JHICZ9iSCnm8B/Hw9pVKGCs64DVdZ3+8qFXTjI:JoC7ijwFKlVadZ3+8qNI
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Blocklisted process makes network request
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-