General
-
Target
c13a77c04a9e6d13275c98f60b63cd2415c622b96bdd31ddfb600d2e6c798d45
-
Size
588KB
-
Sample
221223-ddbjasff89
-
MD5
e2cf99bafbaf97caeb1e168f08d5b9a7
-
SHA1
93e3f7a0a438ed62058fafecce927960959e64cc
-
SHA256
c13a77c04a9e6d13275c98f60b63cd2415c622b96bdd31ddfb600d2e6c798d45
-
SHA512
ea6b44e5c0381f8c5febecfc114f643871b0d765e9fff7b185d2d8b43de2845e9dcf3f490ccc28fe6b2b07d4396aeccba541fc40d11c7b0c0d979ad6ce5c591b
-
SSDEEP
12288:NeRtB1zxiB1UOab0y8msR/UWyUAMF95ofKxsS+/Oym/+L:uj1xiB1Dab0yiUW1AYSKGSgiWL
Static task
static1
Behavioral task
behavioral1
Sample
c13a77c04a9e6d13275c98f60b63cd2415c622b96bdd31ddfb600d2e6c798d45.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c13a77c04a9e6d13275c98f60b63cd2415c622b96bdd31ddfb600d2e6c798d45.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
c13a77c04a9e6d13275c98f60b63cd2415c622b96bdd31ddfb600d2e6c798d45
Score 8/10
Executes dropped EXE
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-