General
Target: dd9d7cf9372a5737863d4dc33f132b9a.exe
Size: 52KB
Sample: 240927-kyxetsxfkd
MD5: dd9d7cf9372a5737863d4dc33f132b9a
SHA1: 4380d4afc2786ee77d2644aa1e34c9b77951b5d3
SHA256: bb46d0c8b43a92fda32622b15fd8060dedf1f0666c8e536cdad49ad3e1a79ade
SHA512: e4f2f85f8d9e41bce53868d78fb74cbcfaa8fa9df7e997f442a5858792b11b487cd7684bd3fd079006385774b45ef2e4d70a8793e367104e6b600a473895ae03
SSDEEP: 768:7ynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67LhP8D0xj:sb1MsHz3JDwhyWr+N95OTga6SDej
Behavioral task: behavioral1
Sample: dd9d7cf9372a5737863d4dc33f132b9a.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: dd9d7cf9372a5737863d4dc33f132b9a.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: dd9d7cf9372a5737863d4dc33f132b9a.exe
Score: 8/10
- Server Software Component: Terminal Services DLL
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Creates a Windows Service
- Drops file in System32 directory