General
-
Target
90a24a5db1c52046ff692ab44943d860987eb2508dca6d112e4af59f6c99f759
-
Size
5.6MB
-
Sample
230302-11kf2sfa59
-
MD5
59a6cf429b04e27edf026dc9d6c401f5
-
SHA1
68aa9842635605fbc86c99ed66574ff5dbfa4cb5
-
SHA256
90a24a5db1c52046ff692ab44943d860987eb2508dca6d112e4af59f6c99f759
-
SHA512
5396a444e48d49573312905d408210bef5821faad01ace19568465c1e8e5ea10e4ae91111e3ac8cbcf9621ad28673f35979718bba2fe833ef6260aaaf6fc2b63
-
SSDEEP
98304:AaPlXklTveze0Wl1AeDcn2BlJPD8Nzl2bT8mRaw8GFvuztrxcwmMQ:VR23tnt8NPLwJ+VfmM
Behavioral task
behavioral1
Sample
90a24a5db1c52046ff692ab44943d860987eb2508dca6d112e4af59f6c99f759.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
90a24a5db1c52046ff692ab44943d860987eb2508dca6d112e4af59f6c99f759
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-