General
Target: Remove-Edge.exe
Size: 8.5MB
Sample: 230306-2nk3gsef6y
MD5: 90cd506989e066e6733006803bf45886
SHA1: 0e1da5ae0616ffb3636b78bb71b0412c08ee471e
SHA256: d4f72966550109f0fa2a139e26b9ea21c4ec776911ade96a3552104f7cf2f926
SHA512: 5c2afcf55a14602ec640fe0ba5ac5aee4ebb94e891284c3a1b891cdd7dfdd2856fa76299ed055a8fcaf9528a5a61c15e69fc1d822e9a558359b16f1f2c9ba125
SSDEEP: 196608:I9oqdQmR5dA6lsuErSEEJwdF6OlvJHDO6YZYPXk0:I9dQ2ls+9JOh8Z8
Behavioral task: behavioral1
Sample: Remove-Edge.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Remove-Edge.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: Remove-Edge.exe
Score: 8/10
Modifies Installed Components in the registry
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application