General
Target: ??????????.exe
Size: 51.1MB
Sample: 230605-kgtbvaga6v
MD5: 0769ed600d9fd9477915573dca6ac0e3
SHA1: 651bc713117a92a449a1936e8fdf42e9ae5b8b9b
SHA256: ec3ab38ccd00d1c556983978e89533fc9c3cfbb395f590ee4c437847a68ecf80
SHA512: aa50e289c7ef3453fdf6e1a94450a1d8737c522c153c556fac1bb6617b31bbb202c60e156a0f5c8998a93b32065a9fa5b51da33a803557009f91f43265b56439
SSDEEP: 1572864:vvhr89ORGJRvOaIHPZtp9RvxgtC+rGQFh57MefPAH1x6iu:3B8lRfIHPHRZ+rGQFYeXMmV
Static task: static1
Behavioral task: behavioral1
Sample: ??????????.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: ??????????.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: ??????????.exe
Score: 10/10
Creates new service(s)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory