General
-
Target
11468a727bd8298fc93e1651400e437def16158c93e0c6cdc239df72fc16df03_JC.lnk
-
Size
1KB
-
Sample
231003-q93zmsbb91
-
MD5
1370c8b810befea6651d6e60dee0b591
-
SHA1
7bbd08152f5eb10c199904e646ddd672e138e456
-
SHA256
11468a727bd8298fc93e1651400e437def16158c93e0c6cdc239df72fc16df03
-
SHA512
d6316cfb95c1205982ac4b0c20986a207132a89f4ab5bfd8eb20ba1e2b8eaf57e45d63dbb3d97100b390786fc911aa197ad9f7fb2f9eef779eb5e62297be606b
Static task
static1
Behavioral task
behavioral1
Sample
11468a727bd8298fc93e1651400e437def16158c93e0c6cdc239df72fc16df03_JC.lnk
Resource
win7-20230831-en
Malware Config
Targets
-
-
Target
11468a727bd8298fc93e1651400e437def16158c93e0c6cdc239df72fc16df03_JC.lnk
-
Size
1KB
-
MD5
1370c8b810befea6651d6e60dee0b591
-
SHA1
7bbd08152f5eb10c199904e646ddd672e138e456
-
SHA256
11468a727bd8298fc93e1651400e437def16158c93e0c6cdc239df72fc16df03
-
SHA512
d6316cfb95c1205982ac4b0c20986a207132a89f4ab5bfd8eb20ba1e2b8eaf57e45d63dbb3d97100b390786fc911aa197ad9f7fb2f9eef779eb5e62297be606b
-
Blocklisted process makes network request
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies file permissions
-
Use of msiexec (install) with remote resource
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-