General
- Target: cf1109.exe
- Size: 3.6MB
- Sample: 231204-ej7pcsgh64
- MD5: 91815bf91f726daff42fa0d72bb16ba9
- SHA1: a2eeef28a9f5b13265d15b4ea67e39aba14c2026
- SHA256: 0afe2457593ed96468f8acd9027a1f44612afff56ab63864c3f745a40e902e21
- SHA512: 500e287cd0b54911b18da6242a2f7c8afa04e1500ab86c9fa86068c3cee216e6033768fb67f1d8e68d24be033e49292ee8d016f5fbaf3433be6e17ace1786147
- SSDEEP: 98304:YtpmbKYUJBi1dAst6Esrf3b6xjM/qcURDE81VZTU0bKt+tVn/ndxr:YfmfG/fr6pKAn1VZT5bTt5fH
Behavioral tasks
- behavioral1: Sample cf1109.exe, Resource win7-20231023-en
- behavioral2: Sample cf1109.exe, Resource win10-20231023-en
- behavioral3: Sample cf1109.exe, Resource win10v2004-20231127-en
Malware Config
Targets
- Target: cf1109.exe
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.