General
-
Target
c8d752e3a406f31e1502f2b2e6f0868584bb50ffcb9587b219321ffd26b940c4
-
Size
497KB
-
Sample
221124-x3g7xsdg73
-
MD5
5a3382999604418064ed390e15bb9a87
-
SHA1
b30098d6d9324276a5e6b72d9ed1c536635f3d43
-
SHA256
c8d752e3a406f31e1502f2b2e6f0868584bb50ffcb9587b219321ffd26b940c4
-
SHA512
74ecb59ef3909a432ff6dfe9b15b9f7533fed647596db11c26d521755882f4461d5e2f635dd1e2d47c3e1e24568378c55cfbdfafa76f836209214e91db939490
-
SSDEEP
12288:tXRaG9dAa9tOb4covZ29Vqc4R/noXTdfYl7R6yh:ba4Lcoh2O5h6v
Static task
static1
Behavioral task
behavioral1
Sample
c8d752e3a406f31e1502f2b2e6f0868584bb50ffcb9587b219321ffd26b940c4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c8d752e3a406f31e1502f2b2e6f0868584bb50ffcb9587b219321ffd26b940c4.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
c8d752e3a406f31e1502f2b2e6f0868584bb50ffcb9587b219321ffd26b940c4
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-