General
Target: 5c1d8186072a67dbf2f13eecf74161d46e2f0ab51766c83985f0f003e8b44fa0.7z
Size: 466.2MB
Sample: 230417-k5yw8sdf38
MD5: 57a9e6a681c2dd1203d275e944a6f714
SHA1: e6ef01940f1e3ca0ba6d20e667ca3511953e9f0f
SHA256: 5c1d8186072a67dbf2f13eecf74161d46e2f0ab51766c83985f0f003e8b44fa0
SHA512: 85776c9787f9df4f6485105af3a7af2e5b95aa83348c1b8e9bcb619ee731b9f8e2b671f7b078d6cc6d4a002af5eda776fda25347c0f89f05801a2d120cb2303a
SSDEEP: 12582912:0QfF7orKXWT5bRaB8tFlP5JLRaTdDNSlVQdYqYX0:BfF8rKXO5TFnhRodDGzpX0
Behavioral task: behavioral1
Sample: coreldraw_graphics_suite_2020v22.0.0.412/CorelDRAW 2020 Portable.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: coreldraw_graphics_suite_2020v22.0.0.412/CorelDRAW 2020 Portable.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: coreldraw_graphics_suite_2020v22.0.0.412/CorelDRAW 2020 Portable.exe
Size: 1230.3MB
MD5: d20fe6aedcdde559c0bb9ee47434bf2e
SHA1: 38c6f84934a4b5aeb658475babdd0d8e2389ff67
SHA256: 4eea1a4d3c8a4c846a5010bacdc85cfc1ddac4030b58d4c0190cc91e6537e1c0
SHA512: 63f4e82043352c9af3efd8e987ad6b7583f5fb38263a0d0042b98620ad18e7275f01fe97997923e1bc6f4c91f5aec0dfa652230bb2a183f3f5b184d9f59a5f8c
SSDEEP: 12582912:8Ltn0JtwBuJYqN49D8O0u7eWOEUGdj1C+EpH41PH:m0J6gJrN49D8QeWOLGdpZdP
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL