General
Target: rete.zip
Size: 1.6MB
Sample: 231120-qgndgsha61
MD5: 77be796a24d4265164ab8e391b890429
SHA1: 99cf95904d3dd39f5a0d61499eaeaa73bb93ed65
SHA256: ffa38121ce884376872a6ee925945e2c7ae39ecedd04ba3c52938d6241956456
SHA512: 089fdda2b3bb5846673aa5bd07a55b46d6915ddd842ab1b5ca76f03b745f3dfe9402eed4f7489ceff869c9042c1543d48be3a682fe69bc31e2f37f928da0b731
SSDEEP: 49152:NB6C/Z5l1ERoHYtU3hSHjnJlILHGWsy3Sr0:b/dqRo4K3AHrJlIbpZSr0
Static task: static1
Behavioral task: behavioral1
Sample: Agenzia_Entrate.url
Resource: win7-20231023-en
Malware Config
Extracted
systembc
62.173.140.37:4001
Targets
Target: Agenzia_Entrate.url
Size: 204B
MD5: 111a51917160126faf0de997749c4a84
SHA1: 4b872bf6d21caa3e3c56b380ddf0f7accb3343de
SHA256: 3c18e64435871f8e9fd9c1d379f6cb76f4a5e8c5734386ff9ae10e35fb666112
SHA512: c127498748011824f160e251335414471f28e74218f6d7a4850c4e470e3147741a0ec623a695e8b55f84410c826fd39fd82a86ce37dca0771493fb47f114ec6c
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL