General
-
Target
ed50663942b9e0863cf5c7b7b75cb93f818679405edafa52ff9b337c8100316b
-
Size
43KB
-
Sample
221125-hl5jkacf41
-
MD5
be7bb1d1a95269a08657576693d4b5e0
-
SHA1
afa4e30391251d1b21290867ecccf0ddcca6bfd4
-
SHA256
ed50663942b9e0863cf5c7b7b75cb93f818679405edafa52ff9b337c8100316b
-
SHA512
ddad153d9f639bfaa4a8b24da39cd3e856994e95b460d1fa627876401df3378c816797b5c9db9e16c2e0fd8c5429d84a02d67316cbbfba602a2718280b09323d
-
SSDEEP
768:f1YMvYZcWAK5NaECHmIi5PtJh9Q12F24yt0:WMAP2TkPtr96t0
Static task
static1
Behavioral task
behavioral1
Sample
ed50663942b9e0863cf5c7b7b75cb93f818679405edafa52ff9b337c8100316b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ed50663942b9e0863cf5c7b7b75cb93f818679405edafa52ff9b337c8100316b.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-