General
Target: cdb39fc581b72b36c079abec9e2bfefa9a03e5dc00589a5889406f0647b0901a
Size: 205KB
Sample: 221130-z3jf4aaa4x
MD5: 7b0685897c65b060494c91b0b701fa71
SHA1: 4f597320790d71cf000e4b03dcae8a11b6946410
SHA256: cdb39fc581b72b36c079abec9e2bfefa9a03e5dc00589a5889406f0647b0901a
SHA512: 17e1e8821eec0c8aeb70551d833c0afc9805543997f98cd4430a254e2d51ca9b710a252fabc2d35beb4c338972955d4393e011f56dcf661f4526cce2796df197
SSDEEP: 6144:WSIWTqzmgoJlS5Oz4BS9sqLFuV8hHaB+:Wi4mgoJlS5OsGQ8
Static task: static1
Behavioral task: behavioral1
Sample: cdb39fc581b72b36c079abec9e2bfefa9a03e5dc00589a5889406f0647b0901a.exe
Resource: win7-20220812-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: bozoveleye@gmail.com
Password: iyikalpli_3303
Targets
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file