General
-
Target
entrate.vhd
-
Size
6.0MB
-
Sample
231120-qetgqaha5v
-
MD5
ddc85ed323ac6649d7c37aed4820c092
-
SHA1
bca10ed3b5186ae3a3aedf83e63fe8f0e66144dd
-
SHA256
22fcf360cea1149c89404bc89a2035e984b72c670d0051c50facf8e09e5133d2
-
SHA512
4713b2e12876d15c132a8b67cac842d1180fe8753873a8aa13bd9e0a1325cf387c4f1e6b7d50d376911e1804a602bab2d573af9b00c2734d459f3fe48a09679a
-
SSDEEP
49152:V8JYy3j5T+w+X7gJhHcnsZ9UwgV+UjgaebGz:KJYwTf67gHlUBV65b
Static task
static1
Behavioral task
behavioral1
Sample
Agenzia.url
Resource
win7-20231020-en
Malware Config
Extracted
systembc
62.173.140.37:4001
Targets
-
-
Target
Agenzia.url
-
Size
204B
-
MD5
3bed3fb03b12000c17c2f1fdfb6befe1
-
SHA1
36e60975b967f852f5ed31788e480336f5ce3ac3
-
SHA256
522f6cd72ee97eb4d00c2b3ef4c93c4f3396f3c6c8f85dd58655a0edcd0b865d
-
SHA512
b4bd6905634f6a64098fada9af984a5d97616eeabcaf0a482363ea759232dd4e887f4f0e854faf2366308a00d2ff292aab759bdfba8424d62b7869ba94e5a793
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-