General
-
Target
c38ed236f8fc2bed3ea8e22a5b0daf138914eeb8bf454a8506419522929c7347
-
Size
142KB
-
Sample
221124-ycsfmsed74
-
MD5
64335a5b82acdbddced384a6e76de72d
-
SHA1
1e482058480020e80ee73dfcea7df454da593a8d
-
SHA256
c38ed236f8fc2bed3ea8e22a5b0daf138914eeb8bf454a8506419522929c7347
-
SHA512
e69ac4e6d6817a1d3cf41a4433738cc723fd1c39254001c3e50dd6e71184c0b164b355bed1919ffe61ceb99c696ef4ca246710ce0d27fcff981e9e902da945f1
-
SSDEEP
3072:C2ilEbgcWBm6bcRRRRRRRRRRRRRRRRRRRRtuZ++++++++++++++++++++++++++V:Vb+vcRRRRRRRRRRRRRRRRRRRRtU++++2
Static task
static1
Behavioral task
behavioral1
Sample
c38ed236f8fc2bed3ea8e22a5b0daf138914eeb8bf454a8506419522929c7347.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c38ed236f8fc2bed3ea8e22a5b0daf138914eeb8bf454a8506419522929c7347.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-