General
-
Target
6fdd97ca703c12628b3eb0cb3a0bed5daf10c76a1619613c563aa07cc8f63665
-
Size
148KB
-
Sample
221124-qtvy4aga36
-
MD5
33acba5bc6dc7200bbcbf5528a392b7b
-
SHA1
80838a9c87c5436eb95e9934d9dd6ad87784541d
-
SHA256
6fdd97ca703c12628b3eb0cb3a0bed5daf10c76a1619613c563aa07cc8f63665
-
SHA512
f6dc9defe54cbcbc03c6d8fac5eaea2d1ffc2034c59868b7dbc2ea8fa8b18ab7bf3e161a6d110fac562f93a4009e960e7bdea9abec0b4147b7396f479ebd6642
-
SSDEEP
3072:4RQe3L7SPI8SxLDRuCX+iEuegzWn3gRA2ori:4RQu7ohSVA+EuLaONoe
Static task
static1
Behavioral task
behavioral1
Sample
6fdd97ca703c12628b3eb0cb3a0bed5daf10c76a1619613c563aa07cc8f63665.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6fdd97ca703c12628b3eb0cb3a0bed5daf10c76a1619613c563aa07cc8f63665.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
6fdd97ca703c12628b3eb0cb3a0bed5daf10c76a1619613c563aa07cc8f63665
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-