General
-
Target
b5e60abc583ff3d62896c265bcd95d924bc0f63d74eac1767d6f26588f980f59
-
Size
7.2MB
-
Sample
240613-3w5brsweld
-
MD5
77fdcf0256bc7d5a3480f743e1073560
-
SHA1
20c662e5d065c60f92cc3fd7cc042aedddb14d22
-
SHA256
b5e60abc583ff3d62896c265bcd95d924bc0f63d74eac1767d6f26588f980f59
-
SHA512
0d07aa13bebfd008fc41f71bf266fe2d755593eb358f563528ee4689f261ea833e6bdfc3001a2fc80b737ce210dd605c5e3cd99f1cef84739a33b360f160f922
-
SSDEEP
98304:91OqcyeknVRsKbootofR/bhs6cnSQIcn1/6sFEGCpYO/5H4y1QCi2erNssgWUCsD:91OqcyEucR/ds6cSQN/yNiDpVZJre
Static task
static1
Behavioral task
behavioral1
Sample
b5e60abc583ff3d62896c265bcd95d924bc0f63d74eac1767d6f26588f980f59.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
b5e60abc583ff3d62896c265bcd95d924bc0f63d74eac1767d6f26588f980f59
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-