General
Target: a95b09ef76a9bddd4d012fae86696e83fb0cef2f92aa3b929bbc0cddff89850f.zip
Size: 221KB
Sample: 230329-nnlgcshf8t
MD5: 573a7389762c408ded287eb48600a547
SHA1: 8e542eccaf7134561a8a0a0c23dac974a6666eeb
SHA256: 293f07e6171954ccf6a01261a59c77538b058b3527170df581929024119b2051
SHA512: 283285fce34fdafedce6801810178679dd40abef422922a800adc577f466285a69a76643072a62f745801a7c5fd93ad604162657ed8850c00373445247912d56
SSDEEP: 6144:xgX38tDY8gTf5FNp7ZzHNJxsP3bVKYB7rDM:CeDYjTf5FtZJx6rAerg
Static task: static1
Behavioral task: behavioral1
Sample: a95b09ef76a9bddd4d012fae86696e83fb0cef2f92aa3b929bbc0cddff89850f.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: a95b09ef76a9bddd4d012fae86696e83fb0cef2f92aa3b929bbc0cddff89850f
Size: 279KB
MD5: 7d6457275b68f89ef42b45dcb353a4cc
SHA1: 5882c24e596291201b8347e7b728bac17c1089a7
SHA256: a95b09ef76a9bddd4d012fae86696e83fb0cef2f92aa3b929bbc0cddff89850f
SHA512: bdf0b48f01368c8627d77242abe0fe7fc199691d675ce9e27c028946be823b6f46527864f4922cac3f35403ae3006d2dc15127489734143eb58770eb4f460104
SSDEEP: 6144:qDKW1Lgbdl0TBBvjc/gd09psSpMqyiV10oPKIR/NcYsg:Mh1Lk70TnvjcYapscHNRJsg
Async RAT payload
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL