General
-
Target
6d5be80d083506c5e745dc043efc9f900c2a6bb22faa3ab64ca66e0f17e04b80
-
Size
566KB
-
Sample
221125-rvmjsadh48
-
MD5
7cd871c5dae7dfee205ac811f0d461d7
-
SHA1
9d564accbfefafeda236574750a4dcb481e187fa
-
SHA256
6d5be80d083506c5e745dc043efc9f900c2a6bb22faa3ab64ca66e0f17e04b80
-
SHA512
f3834257535c252aac281ff8633c30dd599d1718ff85b1019e4eeabf59634680f75bd077af9f5c4092c1a70e5c5ffc9bc2d9762798212f4ac385bf62327218e4
-
SSDEEP
6144:12Or9Pk3/JxlpKI0ByUPiV8+AsGHDY+5l+anN40ty2or87P9U3ERvYb:5JEJP0TB76uJDf5lTnqe7q3sY
Static task
static1
Behavioral task
behavioral1
Sample
6d5be80d083506c5e745dc043efc9f900c2a6bb22faa3ab64ca66e0f17e04b80.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6d5be80d083506c5e745dc043efc9f900c2a6bb22faa3ab64ca66e0f17e04b80.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-