General
-
Target
8a5a192bd90e11d69411b772e683121b.zip
-
Size
2.7MB
-
Sample
220526-m84yrsegbk
-
MD5
f89095dc1e701c7b2afb87794f042def
-
SHA1
89c4c256d7e3d13732cb3c15b3d6272b4fcaa799
-
SHA256
08c96573ef49ec027f0f9e466e85619d6324c5b62eabfc1f26c0d4ac2d571486
-
SHA512
22d2c13eb02499a9647bafc77796f84e0dffb31fc013afe4d886f90f3168c542d13be7670bb1ca2d5e428dbe7d3c87797519712eb804ac892b52215225ff92fc
Static task
static1
Behavioral task
behavioral1
Sample
cce973b40f864284f2226213f1989c45861d89fd62eb0e311e880f5d017e23b2.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
cce973b40f864284f2226213f1989c45861d89fd62eb0e311e880f5d017e23b2.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
cce973b40f864284f2226213f1989c45861d89fd62eb0e311e880f5d017e23b2
-
Size
276.0MB
-
MD5
8a5a192bd90e11d69411b772e683121b
-
SHA1
aa2028f90a3cd0cf04a2ead9a5ec6ff03f95e8e2
-
SHA256
cce973b40f864284f2226213f1989c45861d89fd62eb0e311e880f5d017e23b2
-
SHA512
81ec27bc03567466dc1cdfac7ceb7e9f34ee0cbe1bcc4d933009c7237cb3ad027d2bdfc88fcd39e62caa4e480b05254cc5da2c4b9861fc9c3e87f67ed3b0c387
Score
8/10
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-