General
-
Target
f1cf2b82b0ec58426d7983e939d0989ad7bd5425993012eab4455c6ad0bbe22b.exe
-
Size
48KB
-
Sample
240928-cf2yla1ejj
-
MD5
e123613672abc38913dcd968faecea29
-
SHA1
626e7906b9d344c97d74223e31c5953eb7222d74
-
SHA256
f1cf2b82b0ec58426d7983e939d0989ad7bd5425993012eab4455c6ad0bbe22b
-
SHA512
19d7d25aa5e38bc330cd43a74346ce7d964cad9d0d4b4f270dea0905bd15b39c48e3cf54cb2a9957c1ccc3df95da82325fdd065299b2fb80dde8d4677d2ced96
-
SSDEEP
768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67FhPC:Ub1MsHz3JDwhyWr+N95OTga6G
Behavioral task
behavioral1
Sample
f1cf2b82b0ec58426d7983e939d0989ad7bd5425993012eab4455c6ad0bbe22b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f1cf2b82b0ec58426d7983e939d0989ad7bd5425993012eab4455c6ad0bbe22b.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f1cf2b82b0ec58426d7983e939d0989ad7bd5425993012eab4455c6ad0bbe22b.exe
-
Score
10/10
-
Server Software Component: Terminal Services DLL
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a Windows Service
-
Drops file in System32 directory
-