General
-
Target
3317fd13e0377c08ba274fdeca8413e163380c26182826851806799e5a140403
-
Size
109KB
-
Sample
221124-ntssmaee8x
-
MD5
192e78e7db7e447729433b4f310ea6b6
-
SHA1
ed38943a6aa889c956b791383229d04fcd13e9d2
-
SHA256
3317fd13e0377c08ba274fdeca8413e163380c26182826851806799e5a140403
-
SHA512
6ae3695b00ecfbc78045f913b0a7a2453013e5aff981bb1074427ce0640a271374379369424c84486f112d47a41c6137b89b6bdbeae59281ccde24d5cb5aacda
-
SSDEEP
3072:yLha0r+jOVlXZ8fjnsCAP4uyPoitxwqpFr:4i7fVA4D1t
Static task
static1
Behavioral task
behavioral1
Sample
3317fd13e0377c08ba274fdeca8413e163380c26182826851806799e5a140403.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3317fd13e0377c08ba274fdeca8413e163380c26182826851806799e5a140403.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
3317fd13e0377c08ba274fdeca8413e163380c26182826851806799e5a140403
-
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-