General
-
Target
fb714d59bcb67c0910c8f4ee0c5f0e62.exe
-
Size
48KB
-
Sample
240927-t1n1xa1fjr
-
MD5
fb714d59bcb67c0910c8f4ee0c5f0e62
-
SHA1
f22ffe25d693ccf771b5ae60b373f4c74551b317
-
SHA256
25ad9ca13dc1ee44d8c3a3d0fba9365d9e9fd65db1411a0f720dd036d11911f3
-
SHA512
24dac934a89ab30379331251749947af7817ed4c661a5b247a12177d1c3c04593da274eeea9ebfb7c6f7329916f03eb2c6c0a2d18b99358d8d14b6de48a33393
-
SSDEEP
768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67GhPC:Ub1MsHz3JDwhyWr+N95OTga69
Behavioral task
behavioral1
Sample
fb714d59bcb67c0910c8f4ee0c5f0e62.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fb714d59bcb67c0910c8f4ee0c5f0e62.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fb714d59bcb67c0910c8f4ee0c5f0e62.exe
-
Size
48KB
-
MD5
fb714d59bcb67c0910c8f4ee0c5f0e62
-
SHA1
f22ffe25d693ccf771b5ae60b373f4c74551b317
-
SHA256
25ad9ca13dc1ee44d8c3a3d0fba9365d9e9fd65db1411a0f720dd036d11911f3
-
SHA512
24dac934a89ab30379331251749947af7817ed4c661a5b247a12177d1c3c04593da274eeea9ebfb7c6f7329916f03eb2c6c0a2d18b99358d8d14b6de48a33393
-
SSDEEP
768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67GhPC:Ub1MsHz3JDwhyWr+N95OTga69
Score8/10-
Server Software Component: Terminal Services DLL
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a Windows Service
-
Drops file in System32 directory
-