General
Target
90f5a9256f9effd26cb7793b8e71a3c232d64ddac33c25bcf18fcb8ae4e84a04
Size
194KB
Sample
230129-2xe8lagc78
MD5
0b601c8e85e66b573c24d2ac6846a001
SHA1
80e90c3b91ac845e9c57df24f6de206bff0ba2b8
SHA256
90f5a9256f9effd26cb7793b8e71a3c232d64ddac33c25bcf18fcb8ae4e84a04
SHA512
305c1d46f620b7d94fb575ddd32dbe0a2527e198c49013c4ba4976bddda778f71fc03dfc916ce5cee015ea4b80bf38e397bd6b2c62fce944f3933bf26b976150
SSDEEP
3072:leoj6QTDgiEIDL5ntDnj/rlIudpB8gkgqXEoqGxTsiqX5G9:Y+hvg8DL5ntb7hBkgXoZxTsid
Static task
static1
Behavioral task
behavioral1
Sample
90f5a9256f9effd26cb7793b8e71a3c232d64ddac33c25bcf18fcb8ae4e84a04.exe
Resource
win7-20221111-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: mastaex2@gmail.com
Password: fh6113887
Targets
Target
90f5a9256f9effd26cb7793b8e71a3c232d64ddac33c25bcf18fcb8ae4e84a04
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Drops startup file