General
-
Target
b41faf5253e0eef6e383dc99c246e183581fcadcd2611d4d8c241e00f82852cc
-
Size
1.3MB
-
Sample
221126-kpxn8sac5t
-
MD5
123db5af123b0e29cef6ccd20cad02da
-
SHA1
3539f23d4b7f167170f3ca33b51a6479f3d66968
-
SHA256
b41faf5253e0eef6e383dc99c246e183581fcadcd2611d4d8c241e00f82852cc
-
SHA512
320b9a4b7aeda1188a25de35e5b84cc9a4914b12458a6224af19185aa56dfc6b58f247da82df6a7a1af543e49a66cf8abb0486b62d00097beec6d432e49b15d5
-
SSDEEP
24576:mQ6Ng36dXhRyGRbg8C8UiQ6Ng36dXhRyGRbg8C8Uw:mQ2m6dXLzQ2m6dXL
Static task
static1
Behavioral task
behavioral1
Sample
b41faf5253e0eef6e383dc99c246e183581fcadcd2611d4d8c241e00f82852cc.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b41faf5253e0eef6e383dc99c246e183581fcadcd2611d4d8c241e00f82852cc.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
b41faf5253e0eef6e383dc99c246e183581fcadcd2611d4d8c241e00f82852cc
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-