General
-
Target
Doc-PO.161015-AGS_510160523.gz
-
Size
220KB
-
Sample
230606-qy4f2aed8x
-
MD5
b102d13f794c0adc6d34168a4cd379da
-
SHA1
d75a7bd0e7156ff97d05f6df952a616913cab6f0
-
SHA256
78c13c7c14ba3068053b7749c2671ba76cce489e3dbd310bc58641adf2e2fbe8
-
SHA512
a7c82ad0a3dac7b4f121ba9b8e108012026ab9ff001214abb9d98866352b661f71d7bf48b2fdf0e35965dda548e8da01a63355f15e3dc2e6d6821c2265306c5c
-
SSDEEP
6144:jaHshetHfuUVjZp1En4t4BAiYc9JImFt9QqUG5QXeB:thet/VVmn4iai59/9L5QOB
Static task
static1
Behavioral task
behavioral1
Sample
Doc-PO.161015-AGS_510160523.js
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Doc-PO.161015-AGS_510160523.js
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Doc-PO.161015-AGS_510160523.js
-
Size
364KB
-
MD5
22a10561df6d4e94ee66a05c2460c1c2
-
SHA1
e5956d08f7f2ead17df83a537fb436789d086bdf
-
SHA256
0d6dc81831f9dbc108a2bf9cb913678e392d1e2c22aad3cd900e59bc3c3a2e62
-
SHA512
f0ea2cd4ec18b1308bef68705112910efceeb2e301ea4ef1857b0774fabfc01ac5bb55931764504a84248ca6eee65c5f84e81679deeff83cca81949edf6fa1a3
-
SSDEEP
6144:Mo5w5IFL7veLmHXaWQ5jhHpw3ciNh+bmy7mN8igz1fH9FjB55f0+lWsEoymYS8Ym:TeS3aphOHtz6Tht/ym9CBmVold
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-