General
-
Target
70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca
-
Size
364KB
-
Sample
221125-l4fjyada7t
-
MD5
ebfcf8c015fe20503aca81f42d42c692
-
SHA1
98949a83bd2277221fa643933173f338f1ce44f8
-
SHA256
70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca
-
SHA512
a9499d8c3715cb387d3cc954b2e2e8f0974b0f63a36c64a2d5559a70f2c7c3c9db225d939ea39a3e98a201feda3ee761be7390518e06f9895f7a6f1c15e17b92
-
SSDEEP
6144:650tR/5gjbnI3OkLFxD5tKdHDunqIxynuzy0:t/5gjbnI3OkLFxD5tKZDunjxynuz9
Static task
static1
Behavioral task
behavioral1
Sample
70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca
Score
8/10
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Modifies file permissions
-
Adds Run key to start application
-