General
-
Target
a01f1a0789beee9f0ab471734ac420445d1eaae94b259f6d430bef9c8f26fe49
-
Size
635KB
-
Sample
221202-17q76sab48
-
MD5
cdaa24aa755ae64fe56c6d3bef8bff6d
-
SHA1
477421a230de751f5e4b4a16671c603683b7d117
-
SHA256
a01f1a0789beee9f0ab471734ac420445d1eaae94b259f6d430bef9c8f26fe49
-
SHA512
01043a4097194ebefb90438121da22d2af1bf46934aeffaac7c51ac56404ccfd2dcd4d5ed8236171406b7586aa4d80a57c44b1a7f58e4bf891c141a07c580e96
-
SSDEEP
12288:XpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIXn/D:5wAcu99lPzvxP+Bsz2XjWTRMQckkIXn7
Behavioral task
behavioral1
Sample
a01f1a0789beee9f0ab471734ac420445d1eaae94b259f6d430bef9c8f26fe49.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a01f1a0789beee9f0ab471734ac420445d1eaae94b259f6d430bef9c8f26fe49.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
a01f1a0789beee9f0ab471734ac420445d1eaae94b259f6d430bef9c8f26fe49
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-