General
-
Target
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee
-
Size
94KB
-
Sample
241117-kanssavmbv
-
MD5
0b97ed69e5f469d01db15d0d0112a908
-
SHA1
85cc1384b80f29b3857e7b461c8a58f95bf728f4
-
SHA256
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee
-
SHA512
7e8c7588c5e6b517223dcabbc23c600d5fb9a9fc43e96ddd9bf40d0a08df820ad1eacdc275799aa5d933f9521dc15dfaf3d2a81c09362f3b3484c3f629a41829
-
SSDEEP
1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7Q:PfU/WF6QMauSuiWNi9CO+WARJrWNZW
Static task
static1
Behavioral task
behavioral1
Sample
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee
-
Size
94KB
-
MD5
0b97ed69e5f469d01db15d0d0112a908
-
SHA1
85cc1384b80f29b3857e7b461c8a58f95bf728f4
-
SHA256
af6a6af58650a9d373f18ac7cb92619455963fd7743dc8e74aa7c6b26d278aee
-
SHA512
7e8c7588c5e6b517223dcabbc23c600d5fb9a9fc43e96ddd9bf40d0a08df820ad1eacdc275799aa5d933f9521dc15dfaf3d2a81c09362f3b3484c3f629a41829
-
SSDEEP
1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7Q:PfU/WF6QMauSuiWNi9CO+WARJrWNZW
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-