General
-
Target
ff4f8f3ad4cf426a6705f1070107e1b7f7c984178aa23d02db098277d698a16a
-
Size
274KB
-
Sample
231204-nreszsah22
-
MD5
c143ffe41a63c53736db29f1593eb3a8
-
SHA1
66190d69803da48712c2e535c5462ad901080f46
-
SHA256
ff4f8f3ad4cf426a6705f1070107e1b7f7c984178aa23d02db098277d698a16a
-
SHA512
1ac4f2914fa6cff83d9f01406605648316a5947dc779579ad8db4f6b4fced95ab4011046eaae592a6caf7941a707998a59bbc480db9ac1058647de6d8c48ea56
-
SSDEEP
6144:RbTirrfykiiUjh6QH/cEOkCybEaQRXr9HNdvOa:RPcrfR6ZnOkx2LIa
Behavioral task
behavioral1
Sample
ff4f8f3ad4cf426a6705f1070107e1b7f7c984178aa23d02db098277d698a16a.exe
Resource
win7-20231025-en
Malware Config
Targets
-
-
Target
ff4f8f3ad4cf426a6705f1070107e1b7f7c984178aa23d02db098277d698a16a
-
Size
274KB
-
MD5
c143ffe41a63c53736db29f1593eb3a8
-
SHA1
66190d69803da48712c2e535c5462ad901080f46
-
SHA256
ff4f8f3ad4cf426a6705f1070107e1b7f7c984178aa23d02db098277d698a16a
-
SHA512
1ac4f2914fa6cff83d9f01406605648316a5947dc779579ad8db4f6b4fced95ab4011046eaae592a6caf7941a707998a59bbc480db9ac1058647de6d8c48ea56
-
SSDEEP
6144:RbTirrfykiiUjh6QH/cEOkCybEaQRXr9HNdvOa:RPcrfR6ZnOkx2LIa
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-