General
-
Target
dcf626508bfb3147a7f1b3a4fd3592b94ca4250b4dea2784c677aaff37c520d1
-
Size
2.6MB
-
Sample
230309-e3xcqshd8v
-
MD5
a9aae238d49c314be45b58f5b8bd5ef1
-
SHA1
2799feeb646e892d809c9b57fe53ebf4e676443b
-
SHA256
dcf626508bfb3147a7f1b3a4fd3592b94ca4250b4dea2784c677aaff37c520d1
-
SHA512
d63075e6a8fcec0f1831b86d0c17446abed3894d73f7dd7f25eb6caebee6de75c2d5e40a879733eb131e125bdefa409974a558f62833c6a02f1339ccb73801a4
-
SSDEEP
49152:cI+zgHov5gv6eVyCuNwl8zfuL2Ars4bnJLKwoAmGwCw9G2br:KgH4eVyCT8zuQ4bnBNA9Gk
Static task
static1
Behavioral task
behavioral1
Sample
dcf626508bfb3147a7f1b3a4fd3592b94ca4250b4dea2784c677aaff37c520d1.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-