General
Target: 926bf338297a71450377e65aa6c0078e71faa674a08b8be39748d60124cec08b
Size: 120KB
Sample: 230129-2phzhsfh73
MD5: fcc3e83c605961ce711a28522be916f6
SHA1: 18681477b75de6979d9d3c857fa09f72da36ec90
SHA256: 926bf338297a71450377e65aa6c0078e71faa674a08b8be39748d60124cec08b
SHA512: b7fa234511234e1c81980d18c34021d5aa93f6c120f4c2be96eb2fbc8dafc24b622d9fc71c18ff75520ba7ac284ecf46f771a0ca333089db4a7d6fc42d1268ad
SSDEEP: 3072:Ig+3fh/PHrgNUqOBx4J2vNbGfvGnd3gW5ZM4/uBnh:h+3fRb9NdndPZMT7
Behavioral task
behavioral1
Sample: 926bf338297a71450377e65aa6c0078e71faa674a08b8be39748d60124cec08b.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 926bf338297a71450377e65aa6c0078e71faa674a08b8be39748d60124cec08b
Modifies WinLogon for persistence
Executes dropped EXE
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application