General
Target: rete.vhd
Size: 6.0MB
Sample: 231120-qcmamaha4s
MD5: 6f5d21f39b19710ac75e75c83fd979cb
SHA1: e928f581384dcd8dfeab2c63773fc560652e1794
SHA256: 4dec34cce9bd330ba704371a77a14b742603c64e633b50ee4158ea55129e42f9
SHA512: fb915bf394690d4181e0cbc4803dd4df9ae3092b313b6ebf4a93c58f1d2d6aa8f461a917c7d09a5d3cdbbafab1b6c628ff678124be8b084725468c810bea4b6f
SSDEEP: 49152:J8JYy3JDtzkvlpYbBTKPiD+Mmp5T+w+X7gJhHcnsZ9Uwg5bGz:eJY2DtzrbtKPiD+MmTTf67gHlUB5b
Static task: static1
Behavioral task: behavioral1
Sample: Agenzia_Entrate.url
Resource: win7-20231020-en
Malware Config
Extracted
systembc
62.173.140.37:4001
Targets
Target: Agenzia_Entrate.url
Size: 204B
MD5: 111a51917160126faf0de997749c4a84
SHA1: 4b872bf6d21caa3e3c56b380ddf0f7accb3343de
SHA256: 3c18e64435871f8e9fd9c1d379f6cb76f4a5e8c5734386ff9ae10e35fb666112
SHA512: c127498748011824f160e251335414471f28e74218f6d7a4850c4e470e3147741a0ec623a695e8b55f84410c826fd39fd82a86ce37dca0771493fb47f114ec6c
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL