General
-
Target
329a25a596a6445ee94e5186d075dc17e2f37e0de64e13a5d170a87d4323f2e1
-
Size
546KB
-
Sample
221125-dk1rrsbc6s
-
MD5
c3b63a92330dcf900911de4d47f77d0f
-
SHA1
abd7e80304c4977362d3fd6274eac87e24cf017f
-
SHA256
329a25a596a6445ee94e5186d075dc17e2f37e0de64e13a5d170a87d4323f2e1
-
SHA512
e4f1bf98f65591a08ceebcadf69f020a9cb262264531062e26337332b9bf251ca38ca36c7c8cd9e9dcc128e8e096f2151322ff4b9cb28e5ed164646bc37c7d8b
-
SSDEEP
12288:nmUOo+AKBtUbfaUXETTI/8LxcV6rydD1mjFCmY0D9AqKhghqPeNgJ:WA3bTXET08Lxu6ryJ1mjFCaAgde
Static task
static1
Behavioral task
behavioral1
Sample
CF芭比多功能版0403SP1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
CF芭比多功能版0403SP1.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
当下软件园.url
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
当下软件园.url
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
CF芭比多功能版0403SP1.exe
-
Size
1.7MB
-
MD5
0721bc6496cbac2439116181fcfb1f07
-
SHA1
1fae1bd4795a20331a31ce0d6c7e10d43449522f
-
SHA256
d762d0626ee6f55b35c64ac6d967d17872939494063d65031c7f4d2674d3d945
-
SHA512
55679ab7d278fa1f80950478fb41f9a6d3344f6e04ffc341435fa91b4990f5a78b4610bd474f9a2c00fc9f511bee79c79f9dfcb00e6f17c3a7d123a07bfaaf2d
-
SSDEEP
24576:++i1xhYn/l2h9SarbVTwi/VXOkJmy7ujeNFmEFv4bEk7j:++uh4Gd3VTBdOOtmE14J
Score 8/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Target
当下软件园.url
-
Size
191B
-
MD5
bdcc801fa8403eaecc71f63b740915af
-
SHA1
09c2f81338105d011694863280a76ea62a4e915e
-
SHA256
cab4f112f7e56424a7a00e6b6235a81be1ea980c2bd6529be764037f29de2ce5
-
SHA512
8af0b84bfd990c499b9bd7811d581f249c6b974bd13737468c05825cab019f340ca42d3a5ee4c54cfb79cfa60bf230058ada271fe49925a0b8aa7a191c13295d
Score 1/10