General
-
Target
689d3736122823defa550657e98157f7c57646369df7081cbc8efb245d8a0a06.exe
-
Size
69KB
-
Sample
240302-fxxlzsbb35
-
MD5
873d9db7925a4ec75bfecf636d0ef454
-
SHA1
aa3f6724934db998d963cd18d2b358a62dfcdbbc
-
SHA256
689d3736122823defa550657e98157f7c57646369df7081cbc8efb245d8a0a06
-
SHA512
00570e3cab520d34db457b50a4f2be0604baa62e9f95a28d1d7e36127064954199c95ad90d9a49ec3e06db04a1b49c6e3cdeef2ddbc20b7be457edf313e3d616
-
SSDEEP
1536:2uwRszlg+JOyyJJ9OVnFbI7pTmZmCZseQvDjvaUH57:2uwRWO+JMOVnFbI7QICZRSaUZ7
Behavioral task
behavioral1
Sample
689d3736122823defa550657e98157f7c57646369df7081cbc8efb245d8a0a06.exe
Resource
win7-20240221-en
Malware Config
Targets
Async RAT payload
-
Detects executables packed with Babel
-
Detects executables packed with Dotfuscator
-
Detects executables packed with Goliath
-
Detects executables packed with dotNetProtector
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-