General
Target: file.exe
Size: 372KB
Sample: 250119-wlv7sazlel
MD5: ba86a543befb9eb0ff35ceb210f0d3b2
SHA1: fceccaa61278f798d2882292535342b06e66f6e9
SHA256: 42493c712c2eeb62d9d78121e3dae32ee4cf0c3ac98fe4d5e4c765f943b05a54
SHA512: 0cf14d8ee28dbae38bb8d0b37ddace2cab9bd7d92e1b016b6106e5d77920beb29e15bc791b641ed4e87fba9ce1a3e21bed2165691fe4a9e16b95d6972fa5fb2e
SSDEEP: 6144:syNQVJ1utC+lTdVrBYInZ5XqMt9GDf1GqPL8Wpeb:syGVIvRZtP+Df
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20240729-en
Malware Config
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-