General
Target: Winbox.exe
Size: 3.5MB
Sample: 230614-rn14laaa58
MD5: 81f583de2d16e2f451a0be9b8a7dd96c
SHA1: 90e7b57b50302f60b4294b54f7f9e2bddd279747
SHA256: 44e30d499a2977f70f0cd11411cfde8a26ff4f63c476740f4d8e4a461f9e753e
SHA512: 171f353a2ca289af5e925392b6ac53c136bb9860e0bcb1697362fe0a75deff1d84f2128a3b0d711ae2a603f0d4af8dd44ab4cc5d39aa38e482e69ed11d5bff3f
SSDEEP: 98304:lfLcWEe08s9qCzeDBsdGExhSrIClK7GE5PBl:N0h8cD5DxKWV5b
Static task: static1
Behavioral task: behavioral1
  Sample: Winbox.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: Winbox.exe
  Resource: win10v2004-20230220-en
Malware Config
Targets
Target: Winbox.exe
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL