General
Target: 19894857326.zip
Size: 883KB
Sample: 241112-n7kdea1mhs
MD5: 663c4956cb3f8651b2570dae1b3f96d2
SHA1: a3196d7a26bbb1ecb4a18d84b70614f049848461
SHA256: 204a2d602506653273194e5909b8c969fb5d9f447af7fd9385cfeb02aff542ac
SHA512: e8ea23e4caada70c66bb3056e0f26fc2864c53cbee5b6685c3060fc3bce82305d3c2a491139574c778294aa63368cb7110de95f9fda4bc1528e9bcf8cb117d25
SSDEEP: 24576:3YTLJC6qiuyvPW5vJ4ZfWmpZBqa2cB7vgUgvCITUxnzX66Msr:3YTLwwunuZXDBqaZSUgvQx/r

Static task: static1

Behavioral task: behavioral1
Sample: 1c1d333fe2bdbda247dccc97fdd46513e39d95c8393019360e1c1597f263fa69.msi
Resource: win7-20240729-es

Behavioral task: behavioral2
Sample: 1c1d333fe2bdbda247dccc97fdd46513e39d95c8393019360e1c1597f263fa69.msi
Resource: win10v2004-20241007-es

Malware Config
Targets
Target: 1c1d333fe2bdbda247dccc97fdd46513e39d95c8393019360e1c1597f263fa69
Size: 1.9MB
MD5: 2e2febe11417e673b886abe428111b89
SHA1: 4d11a766e023f22058971deebf93cead7bb0ae7a
SHA256: 1c1d333fe2bdbda247dccc97fdd46513e39d95c8393019360e1c1597f263fa69
SHA512: cb7fcc2fa38d80acf9c8539efe1beaa401d0ef6a43acd0fcc95e3287fc7b25874d2219c4a4066703e3da6ba23d1b98eba87c4b0bc23ce8a02c84eec97585da36
SSDEEP: 49152:xp21z0A+biU50unDN5GQKNkyRmopy4duG/8Wea/xwu:cK3KNkomky

Blocklisted process makes network request

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.