General
Target: file.exe
Size: 7.3MB
Sample: 231207-v1zm3seb65
MD5: 0faa4d38e65ff7e0f1e8134efa1895cf
SHA1: 3a6acf2ca9b32c2db7d7cc57becf0f1a78865e18
SHA256: b1522b1aa5051f824a40e3ef61466b52a7bb5ba84572f3c581990b08b2155e6b
SHA512: b55e479d6b078038b2e1ba768ee4a934d4c7d7fc85e0c56e0dc1f682828d7a80618462b0663d7cd3b11cb3b3c36ead638415baaa83cedb0812502ca7c4a802a3
SSDEEP: 196608:91OnB0vWiQDyndQdhiuIhU535GPCLsTzoNL:3On+OiQDyn6i9hU535Vw3oNL
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20231023-en
Malware Config
Targets
-
-
Target
file.exe
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-