General
-
Target
f9c82b093a049a082cdf5a1a7042f0b7b5fefe56c0c1a2db53ae8d98683d6b84
-
Size
5.7MB
-
Sample
221125-qkgp4sdh4v
-
MD5
5e7766282d74ebf8e5b95c422180b6a0
-
SHA1
68654a5c5219f27d8ba5a3f7b74ae74d1dc9acf0
-
SHA256
f9c82b093a049a082cdf5a1a7042f0b7b5fefe56c0c1a2db53ae8d98683d6b84
-
SHA512
fedbbfceb2a164283f7d3c4672317c79d6744ed099950f9a29ea8c4784f9dc410c728ff3ddab4fbefbfe3c525c1ae621d58ce044520149a20e8b857c27ce2442
-
SSDEEP
98304:jL+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95czN:f89J/ANzywiJlgQNUJ2BTDYiqcAViVwR
Static task
static1
Behavioral task
behavioral1
Sample
f9c82b093a049a082cdf5a1a7042f0b7b5fefe56c0c1a2db53ae8d98683d6b84.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f9c82b093a049a082cdf5a1a7042f0b7b5fefe56c0c1a2db53ae8d98683d6b84.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
f9c82b093a049a082cdf5a1a7042f0b7b5fefe56c0c1a2db53ae8d98683d6b84
-
Score
8/10
-
Executes dropped EXE
-
Modifies AppInit DLL entries
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-