General
Target: CmdRegCleaner.zip
Size: 280KB
Sample: 221124-x81w8aeb69
MD5: 25b18997801a18b7a535179af043eee8
SHA1: 24cf66eda9e7271769684de49ab32c23789665c0
SHA256: 773feea1bd44fec204c72fab08cd490c50a3d39d50d9a58d031eaaf2d8674c60
SHA512: 8beba8de31a66f3be9a2b176af70a155a901d5c80dfa4ec1ec3e0dd0e2f074caf6d74c626e8650155d3bb0c8249401753f2c682dda3c2eed6357253b53a2e175
SSDEEP: 6144:pJvC6+hC9aVs20pCNox2PenR6TsarOY8Bc3uZUGwm9FGdOJn4Zz2ngnq:fvCoai20CNoIP20FrWRUGwmG+g2
Static task: static1
Behavioral task: behavioral1
Sample: CmdRegCleaner.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: CmdRegCleaner.exe
Size: 418KB
MD5: 0aeb125525c77edc57fb2c7e97d14467
SHA1: 7b68218bc50ae922a1526393e9c4ef3870cc8243
SHA256: c20115171317123951b4e6306bfe29a2eb83cc4dafb2d3ba99663aafd336adb3
SHA512: e3bd20bda611757d1efe12e13a2e8138e167c074466512ab3248958a4a2039e128b2dafde00571455e8e1ff943e1ebaf64d2d8193598dee7baed38d16910e82f
SSDEEP: 12288:pRZ+IoG/n9IQxW3OBse4X+tixbtjGtSYLNdZo:h2G/nvxW3WuN5GtrLny
Score: 10/10
- Modifies system executable filetype association
- Executes dropped EXE
- Registers COM server for autorun
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.