General
Target: 88aa597508cf45522711b678bb0596da0f1d16773aa7ca4504b6f2784e2a82a4
Size: 571KB
Sample: 221208-prtgtach9z
MD5: 0dd4eddc02f1144a3a829b18b303ec1a
SHA1: f8a26ebf852dfd63920cdc98f44eb4e53e29f13b
SHA256: 88aa597508cf45522711b678bb0596da0f1d16773aa7ca4504b6f2784e2a82a4
SHA512: 0dda2bda39a322c6f26347b4e3e017954319d0f22bc7ea517db526da464cd7d8d024feb5d0e0ef34f6d971f6a41e73a9c7b98b0fd3d16b3cada71165e8134416
SSDEEP: 6144:xrmNILc6DM/D3COXFMk2UwNNVJZc6aoFZe6+jrYGHL8742qI:ZmNI5DMD3CaFZ8NVJZc6fE6ssGHL
Static task: static1
Behavioral task: behavioral1
  Sample: 88aa597508cf45522711b678bb0596da0f1d16773aa7ca4504b6f2784e2a82a4.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 88aa597508cf45522711b678bb0596da0f1d16773aa7ca4504b6f2784e2a82a4.exe
  Resource: win10v2004-20221111-en
Malware Config
Extracted (cobaltstrike): http://service-758414h5-1311271430.sh.apigw.tencentcs.com:80/bootstrap-2.min.js
  user_agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36
Extracted (cobaltstrike): 0
  watermark: 0
Targets
Target: 88aa597508cf45522711b678bb0596da0f1d16773aa7ca4504b6f2784e2a82a4
Size: 571KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the values listed under General above
Score: 10/10
Signatures:
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Deletes itself
- Loads dropped DLL