General
-
Target
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741
-
Size
212KB
-
Sample
221125-h2z9sadg7w
-
MD5
1e2a4e33b52c40d1f88488229339c49a
-
SHA1
8eaf1a1bfc40ae0c1e8d2903a7f32c59d87fad81
-
SHA256
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741
-
SHA512
67b8322fbad551618e675a6a04e8743a95d07b306ad887df99f8aa960d2dd375aaa85035266d5d9c9fa7da36b639176787483645e6e89ad9f0862a99878cefa3
-
SSDEEP
3072:5D4N92eb5lbL9L9CaUsC8fnC5TfYlKdE9vEoi8sIWAcRO4is+K:5D4rbHTCaUsC8xj2RbR3
Behavioral task
behavioral1
Sample
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741
-
Size
212KB
-
MD5
1e2a4e33b52c40d1f88488229339c49a
-
SHA1
8eaf1a1bfc40ae0c1e8d2903a7f32c59d87fad81
-
SHA256
b160628daaa564297380332b5e854f217a1ceb3af5a1031b982b6884d6a45741
-
SHA512
67b8322fbad551618e675a6a04e8743a95d07b306ad887df99f8aa960d2dd375aaa85035266d5d9c9fa7da36b639176787483645e6e89ad9f0862a99878cefa3
-
SSDEEP
3072:5D4N92eb5lbL9L9CaUsC8fnC5TfYlKdE9vEoi8sIWAcRO4is+K:5D4rbHTCaUsC8xj2RbR3
Score10/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-