General
- Target: plan_dsns.gov.ua.rar
- Size: 19.8MB
- Sample: 240122-nzlaqsfgf5
- MD5: 21e4a83a29d2ff9f76ec9bcf15ac4496
- SHA1: 06b5e8071ed87d62d09409b44ceec37c8cb60fac
- SHA256: 20ab498b278b14f3786f634778a04d219c74e9fd8517b98f4aca313c9934b7f2
- SHA512: cb83ec603a96daec50b6934e2f1c3f4e4472c54b1db23b37188e56ad7a1b09e3fc0e8340887cb27b8e90c32108779b8ade0c4a0977303ff7e08d4ed75489a1fa
- SSDEEP: 393216:hEPPp5MO9/LXjaB2LUPdtiY0NyyNXV1nUepybF/N:hEnp5MK/LXmBfPdEMVeIh1
Static task: static1
Behavioral task: behavioral1
Sample: Електронний план евакуації.exe
Resource: win7-20231215-en
Malware Config
Targets
- Target: Електронний план евакуації.exe
- Size: 20.1MB
- MD5: 9b40a1519801020305e31e553a3e82ab
- SHA1: cdb31b4af42b3fb27527839ecf26d1c26f2a5d06
- SHA256: 5158482849c818c270f302c1dfa06d770ed2b5056cf393d60fd56817636866da
- SHA512: 57fb1869dee12253b97d787e26398ee2cd00c8bea8feaa737ffe0c61f5cad342a956cc0357cfb3551d31425df5cf857db560b3b97d16e57d5a8596d45f42bca9
- SSDEEP: 393216:zTrD0wz5HtKIdVtvz75Un+2PJ3L6LBQ45TDmZmLCAJ+JuuPUg9ScrRl:TgwdHUyVtvz75Un+uhs5TWmODgyaA
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
-