General
-
Target
fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae
-
Size
139.7MB
-
Sample
240801-blv7katcrq
-
MD5
ddd859f194236cdd7f77dc2e65817f16
-
SHA1
597cb86abd4dcd4efc0b9c9ea074f3c8dda61c3f
-
SHA256
fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae
-
SHA512
c46bc980c88fc3c707409b1be097fb533d66a3ac1474a06d40676dbb21ee9c9730aa24fdb8e50fc895fe901ad3acb138d3a5335ac60c13174c785e2dab67ac80
-
SSDEEP
786432:qxeyemYExLVqyOqZDd+ybW1h4uyrzMVX9yvjBIA1toV+c7BmVvJpXrK7IBK53xp:qAmYeLQPqfWLYUNw91toV+caJ6H
Behavioral task
behavioral1
Sample
fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
Target
fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Loads dropped DLL
-