General
Target: 37ace29b5befaa1a36cd7b92dc8c9aa20c1d8bbc613e0b5ab99c7f19fa6f36c3
Size: 319KB
Sample: 230920-ssf5naba98
MD5: 6d60fd236d34ec9f5982d44ad5c0ddc0
SHA1: e62af304b41f8a8a69e5f611b64e0a1e65d18388
SHA256: 37ace29b5befaa1a36cd7b92dc8c9aa20c1d8bbc613e0b5ab99c7f19fa6f36c3
SHA512: 1cca496e0dd6fa4b90af36c18fa9999da375293bb141d8b07638ef63da86614d473578ff26fb2efc5ca6c6cacc79d91e4c6c98ca8e7a3eb84ceab40bfaec70ab
SSDEEP: 6144:WF039dCjNESPsRrmcyrpYPraTdnbO+0xzz1SRkPYibZomdRgV:WFg9dCxE5ycsyP0dnSBxH1SRk1xdRgV
Static task: static1
Behavioral task: behavioral1
Sample: CA22197-08082022 PI.js
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: CA22197-08082022 PI.js
Resource: win10v2004-20230915-en
Malware Config
Targets
Target: CA22197-08082022 PI.js
Size: 1.3MB
MD5: 3105a413a55501f7a7a878643cd37b33
SHA1: ab276a88e6a6be38aa3ff28aa97a8b1f8a55ff92
SHA256: d25ad4df124b1f69972d1e09520ffecf979f89957ca296d11aaa4454d2922a97
SHA512: 6d59ae07512ef52c3a99bc0165eb7ca1c14cbd6bd43b09fe87d972c475221bd6cd027795075a5b3ce31fef66fe2df39b7de1194bdd1fe92a1ecbbd546d4b70a1
SSDEEP: 6144:MQJdZ/vlGYLDTYNpHI4DCQwZEauZnDjhLkoNety1CHrD2dDcuNoKlk7JYlD8AbdG:X/3
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application