General
-
Target
88948b3dd363db07e7933d371ce3a767673b1eaebc2686353582e6e34027f825
-
Size
188KB
-
Sample
221125-jcsn3sef41
-
MD5
ecde4a56a6b1bce1eee14552e9e860b1
-
SHA1
7efdfbfa57282c5b5d36f4647b8a93f732937055
-
SHA256
88948b3dd363db07e7933d371ce3a767673b1eaebc2686353582e6e34027f825
-
SHA512
6734b522145b04a57326b007f74745f354fa65a0d395531d27439c102bac16f9d9f83cca4ccb0a839bb5c9f1af715b5ffb918ee20384e49cf1916c93a47da053
-
SSDEEP
3072:TWkFrImbVXrzON+BmghjeufJjIbmMJ4pC:TDFrTXrzO2hNiSMa8
Static task
static1
Behavioral task
behavioral1
Sample
88948b3dd363db07e7933d371ce3a767673b1eaebc2686353582e6e34027f825.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
88948b3dd363db07e7933d371ce3a767673b1eaebc2686353582e6e34027f825.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
88948b3dd363db07e7933d371ce3a767673b1eaebc2686353582e6e34027f825
-
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-