General
Target: LeagVMT.zip
Size: 63.8MB
Sample: 230423-dlldgacc2y
MD5: d382c76c8f4ca48a5140cef32266d6e0
SHA1: f2acad0a91fba0d2f56937df6186332c2bb9e108
SHA256: 22442e5679620f7f9b88c438f16e15ccefa81f877a99a977be657055ebb365db
SHA512: 9b573d997be9f0950fd86e8c4390d7fdd53e00b7506838b85d2de0224aabc6b38f70ea9dd0f56bcc57f09cf8ab6453ac7ac80e6d2e8963eb7d7d35c073747363
SSDEEP: 1572864:Jp/ZVVDLcQ+alvBTzg2Wofn0evz7FUIxqRCKbnAmo9WPj4ktFt70+3:3hDLF3v5zgIPPiWa82PPt70W
Static task: static1
Behavioral task: behavioral1
Sample: LeagVMT.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: LeagVMT.exe
Size: 63.9MB
MD5: b2032e59b7c8e8a2c49409864ce97776
SHA1: c6d7a89041cb8b49c0d73b1c7e857f50a5b95695
SHA256: 44f87cbf92a7bdec1d370f457da017924e66bcdbeaac0cc0c81e9dd4baeeb949
SHA512: 1fcd7e54cf54011a48f9c1abddb7073983dd098bd4d1165f8b0766dc6364d4e8d8b3d64c825eab9f9f5f846ff5dd2cb62cecc6082d43e61fd47ed636c7e61635
SSDEEP: 1572864:rjddrbWuWkCNjizYkqEpRO4vrbpwIJGzmC5js2c9KxvyQ2tbXAw1:vfW5RjizYKTHeKMuqxGbXAQ
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL