General
-
Target
92192af947017c20ad861faf4459fb705e63f7083b34c77c1727891b88091573
-
Size
20.0MB
-
Sample
241102-whze2atqdj
-
MD5
075d6c122274cb9226521d3cd298f2f2
-
SHA1
6f54d70f39fa28596ef90bfcb0c14278b016db1b
-
SHA256
92192af947017c20ad861faf4459fb705e63f7083b34c77c1727891b88091573
-
SHA512
c89f25e451ae095635bee4df25cbf7bb8431d87017ae65898471b346ee3b2a8694b5a45aa00e4dc54881905643c62843216d402e10faadd195e10922a29573be
-
SSDEEP
393216:9Vz6+gdQzi/Ew1x1vXYQBEPDdasNaAzEFuEaP3CxMk50pRZfQCy0lifWA5J8EOx:LHSvI+EPDdXNaHaP4Mk50hfh/ieA5nOx
Static task
static1
Behavioral task
behavioral1
Sample
92192af947017c20ad861faf4459fb705e63f7083b34c77c1727891b88091573.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Rurat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-