General
-
Target
5f2c5df7f8cc61654ee48aede247285574428a75359c8b8b2530273e015bb4ed
-
Size
44KB
-
Sample
221125-j7vf6adc98
-
MD5
00ffe44ac5bb8b97dead8d1688fffa39
-
SHA1
c44a2bcce33ac0b2ed77807fc3ae8717d77e2de4
-
SHA256
5f2c5df7f8cc61654ee48aede247285574428a75359c8b8b2530273e015bb4ed
-
SHA512
190bd6eaf029e383399e935f76a5c501ee290b64b0722485d998eb571976144df3b639f024c9926988e74f9a8c97c568a7a760c36736b733491ded043c0e5cd7
-
SSDEEP
768:ZqK10kfv4JuCXgZSHyS3w0fCt1KjpoiMYkaqj1:rTz4CtQjuSkL
Static task
static1
Behavioral task
behavioral1
Sample
5f2c5df7f8cc61654ee48aede247285574428a75359c8b8b2530273e015bb4ed.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
5f2c5df7f8cc61654ee48aede247285574428a75359c8b8b2530273e015bb4ed.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
5f2c5df7f8cc61654ee48aede247285574428a75359c8b8b2530273e015bb4ed
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-