General
-
Target
entrate.zip
-
Size
1.3MB
-
Sample
231120-qgrqxagb45
-
MD5
30533b832f1a3b68cd40f5656be04c33
-
SHA1
0c7c8db458c23add3d8eb107592052c1764516b9
-
SHA256
95943a0a35a08fa88362f9562c6c9bddfa9894cfac9085e2f3de9f7dc9bb1de8
-
SHA512
3242755d0a739a56a9ab993335168268e450a8674a849d249aabb226a2e68db2258507ae393dc3cc94bc0448ac869bcda84ae18624e81f61d8029d17015ea37a
-
SSDEEP
24576:TCm4dsyAwxjK9kh1lgPY38Pw7gGlrsfwnxQLube+SJeBnB2ejN8EJ1:TedxfxjK4I8UWgksfKzSJeBB2ejNV1
Static task
static1
Behavioral task
behavioral1
Sample
Agenzia.url
Resource
win7-20231025-en
Malware Config
Extracted
systembc
62.173.140.37:4001
Targets
-
-
Target
Agenzia.url
-
Size
204B
-
MD5
3bed3fb03b12000c17c2f1fdfb6befe1
-
SHA1
36e60975b967f852f5ed31788e480336f5ce3ac3
-
SHA256
522f6cd72ee97eb4d00c2b3ef4c93c4f3396f3c6c8f85dd58655a0edcd0b865d
-
SHA512
b4bd6905634f6a64098fada9af984a5d97616eeabcaf0a482363ea759232dd4e887f4f0e854faf2366308a00d2ff292aab759bdfba8424d62b7869ba94e5a793
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-