General
-
Target
9e182abd97e46d2788e637b1969deede1821bc08ece40d731ec1051be0b32330 (1)
-
Size
134KB
-
Sample
240523-gs97ysfh45
-
MD5
1f2912c0c12b316023061de20ee3cc55
-
SHA1
05cad925852e41a0832bc9bf3db5056990d027d4
-
SHA256
9e182abd97e46d2788e637b1969deede1821bc08ece40d731ec1051be0b32330
-
SHA512
226d9de84f0a3624e8b84ec3f89026299d457907faab3246694b04de40af76d927561ccbf463444e5049dd55ac2a72f4e727c6e10f4a490604c01738142c7f5b
-
SSDEEP
1536:BIscHpcWN6ns7eemQA1iPFmpcEo0SlWu37kxlvtqMPeHp6o:5cHDesSemV1iQWEo0SlWA7Alvtl8f
Static task
static1
Behavioral task
behavioral1
Sample
9e182abd97e46d2788e637b1969deede1821bc08ece40d731ec1051be0b32330 (1).js
Resource
win7-20240419-en
Malware Config
Extracted
http://185.49.69.41/data/b413842a6f5f431ab839f99fe3f6d3a9
Targets
-
-
Target
9e182abd97e46d2788e637b1969deede1821bc08ece40d731ec1051be0b32330 (1)
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-