General
-
Target
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f
-
Size
59KB
-
Sample
241114-dp9v8stflp
-
MD5
d7fcd4512239cf12109771ae5861c9f7
-
SHA1
52a557449ef122a1b7c8c26212b3eb2531e30efc
-
SHA256
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f
-
SHA512
b83bbd68d98cc43fd41d2b1bcdba100b5aab864a0e50d46a12156951e7b925023abbc69dc3e8cd50a92fa69b6f847ced7551b2d4a40683993ca2f7259e3ff376
-
SSDEEP
1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQI:OeodiUO4p13b9HiIeoutuh1aQI
Behavioral task
behavioral1
Sample
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f
-
Size
59KB
-
MD5
d7fcd4512239cf12109771ae5861c9f7
-
SHA1
52a557449ef122a1b7c8c26212b3eb2531e30efc
-
SHA256
d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f
-
SHA512
b83bbd68d98cc43fd41d2b1bcdba100b5aab864a0e50d46a12156951e7b925023abbc69dc3e8cd50a92fa69b6f847ced7551b2d4a40683993ca2f7259e3ff376
-
SSDEEP
1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQI:OeodiUO4p13b9HiIeoutuh1aQI
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-