General
-
Target
419096cb4aaa8eb0c93b9e7b18f050c6b88deadb49cda1942dcec5d5823db695
-
Size
570KB
-
Sample
221128-xkm1fsch7y
-
MD5
c47d878dbc11b4a5184da5c20abfbb04
-
SHA1
824d367cc2969b8d83ecd998a9f14de6c82c178f
-
SHA256
419096cb4aaa8eb0c93b9e7b18f050c6b88deadb49cda1942dcec5d5823db695
-
SHA512
9a2ac7e16e3cd0daa3470fdece8a051fe61dd075191fdbe4f57e26c9a9aac79def2364c6d6fc01733b4b849121333182aa73e2a99d5538d53ba7ca1c9d11c71b
-
SSDEEP
12288:+h4eG43ScLpO+kP+Q+W8arnDFAeAmWlWm:y4KjLITDFAeAv
Static task
static1
Behavioral task
behavioral1
Sample
419096cb4aaa8eb0c93b9e7b18f050c6b88deadb49cda1942dcec5d5823db695.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
419096cb4aaa8eb0c93b9e7b18f050c6b88deadb49cda1942dcec5d5823db695.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-