General
-
Target
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a
-
Size
12KB
-
Sample
240522-zsb92age39
-
MD5
5a75354b4cea88a97bbbc0dc8718010a
-
SHA1
307b838743b09f3b561c5ff9490e1e67cd56f3e2
-
SHA256
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a
-
SHA512
c77ed68a2f088221b0f32e02473d8d8736a6c3421b791378b159702b032912ed5f0b3a16d69ea38d85bfdca8f4d6a8ffda23f1de3cbc08ba3255bbf186b2c9ea
-
SSDEEP
192:BL29RBzDzeobchBj8JONfONZx2ru0rEPEjr7AhY:R29jnbcvYJOcDxiu0vr7CY
Static task
static1
Behavioral task
behavioral1
Sample
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a.xll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a.xll
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
-
-
Target
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a
-
Size
12KB
-
MD5
5a75354b4cea88a97bbbc0dc8718010a
-
SHA1
307b838743b09f3b561c5ff9490e1e67cd56f3e2
-
SHA256
731956e6cdf6af2975fba11d6df8d11eeb22eab328e49d0a30ecf789bac2ff1a
-
SHA512
c77ed68a2f088221b0f32e02473d8d8736a6c3421b791378b159702b032912ed5f0b3a16d69ea38d85bfdca8f4d6a8ffda23f1de3cbc08ba3255bbf186b2c9ea
-
SSDEEP
192:BL29RBzDzeobchBj8JONfONZx2ru0rEPEjr7AhY:R29jnbcvYJOcDxiu0vr7CY
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-