General
Target: State.of.Survival.PC.V1.0_69621a9f53.exe
Size: 2.0MB
Sample: 221231-zgvbgaae49
MD5: 0813d662821577f411847b824b97e362
SHA1: 867398ebced794ed2c0195687c3643cb29fe6680
SHA256: 055c2b40b085af10a552c1c5179df5c98252e34c2b67fc314622d0b2636f6b13
SHA512: 01488199ff656c80b117906a84f2653f3e9ef55a6f3716b6f674f8ccf9a14842d3fd303b6d3f6dc28eea9b3091543d479a8dc27cfc100da3dbfefc6af3c501b4
SSDEEP: 49152:+3BwVkfnZw3LQfkZSKRIPHzkdm+unMtNnuBSaPoxseB:mB2Davz6m+qMtoSLxtB
Static task: static1
Behavioral task: behavioral1
Sample: State.of.Survival.PC.V1.0_69621a9f53.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 8/10

Executes dropped EXE

Possible privilege escalation attempt

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Modifies file permissions

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.