General
-
Target
f8826a8bb6225234628c01318eef91a508e8ac4591c8121056c283aae5ea6768
-
Size
928KB
-
Sample
221128-fllqcaga88
-
MD5
4661f4d144848461df98f1286c8b236f
-
SHA1
b755ca522334788c272c22092139f6b789554c6c
-
SHA256
f8826a8bb6225234628c01318eef91a508e8ac4591c8121056c283aae5ea6768
-
SHA512
731c6b6c2f3b4593f21f3b3163e199789209af74ef1adb7064cb7652493bbcfc67abd44a6f4873036e091ace6dc2c2599c3685740d625dea7a3526d8ab563096
-
SSDEEP
24576:rV0kocpP0aYXCdo11NyazLtpeLOJl6tHLa:rV0kdZYXTxyazLtpeLO760
Static task
static1
Behavioral task
behavioral1
Sample
f8826a8bb6225234628c01318eef91a508e8ac4591c8121056c283aae5ea6768.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f8826a8bb6225234628c01318eef91a508e8ac4591c8121056c283aae5ea6768.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
f8826a8bb6225234628c01318eef91a508e8ac4591c8121056c283aae5ea6768
-
Score
10/10
-
Detected phishing page
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-