General
-
Target
21f055fae8ca7df29375d05c1400c166aed1ca1473770e7b22d242cf2609d25d
-
Size
473KB
-
Sample
240403-x3z3qsac5v
-
MD5
0b04a67e885c68278f26424d0fe3826e
-
SHA1
b4a521b8b9b6d44fdec744cf57bc23514e3d3351
-
SHA256
21f055fae8ca7df29375d05c1400c166aed1ca1473770e7b22d242cf2609d25d
-
SHA512
05c41bcb01bcf59754f7f7a190a6539f6cfb1add4b6a0c1e1423ea013b8cacdfcc132b36232792916bfaa3b67146b90ae2c1797b0cc15ad6c4f8eb5ffa104fa2
-
SSDEEP
6144:ipuN8bKQsIQnrR5L3dnQCarDr0d4Qz+i5GhxkbV9hdlG/8G2ZzIdA4JdfxEu79Li:1Q5QnrrLGnisIS/HaeAEdmSL6nJ
Static task
static1
Behavioral task
behavioral1
Sample
21f055fae8ca7df29375d05c1400c166aed1ca1473770e7b22d242cf2609d25d.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
21f055fae8ca7df29375d05c1400c166aed1ca1473770e7b22d242cf2609d25d
-
Score
9/10
-
Detects executables containing SQL queries to confidential data stores. Observed in infostealers.
-
Detects executables containing base64 encoded User Agent
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-