General
-
Target
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad
-
Size
633KB
-
Sample
221126-vckt1scf4w
-
MD5
106257e4985825ee2d8fb474b5999c9f
-
SHA1
c73937163cb4016673bdf4de8cbd76e8b2c86b13
-
SHA256
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad
-
SHA512
0ee6e75b370c672bf5a452ca43457287b32db9db9aaa4c7b17cf287f5da4458133816a6a5454261a463f2254c2ce6f5770ebd2e420680b8fbac7bf978354cc41
-
SSDEEP
12288:df4gJ24eNaIYW76MjR7SfGqXD8K45JiZcViZX:u4eNVj7hjRM83DiZWi
Static task
static1
Behavioral task
behavioral1
Sample
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad
-
Size
633KB
-
MD5
106257e4985825ee2d8fb474b5999c9f
-
SHA1
c73937163cb4016673bdf4de8cbd76e8b2c86b13
-
SHA256
0f16f8428bdf6655be7f22ac1448a3496287340dab3bfde7e9ed221ef920b3ad
-
SHA512
0ee6e75b370c672bf5a452ca43457287b32db9db9aaa4c7b17cf287f5da4458133816a6a5454261a463f2254c2ce6f5770ebd2e420680b8fbac7bf978354cc41
-
SSDEEP
12288:df4gJ24eNaIYW76MjR7SfGqXD8K45JiZcViZX:u4eNVj7hjRM83DiZWi
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-