General
- Target: 144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin
- Size: 4.8MB
- Sample: 211020-fw2jjsgfa2
- MD5: 07976cdfa58a6a468bcc4f48f8d31fe9
- SHA1: 935e598a59c40999d35db0048eb49d704207a512
- SHA256: 144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b
- SHA512: 286277f7fba78ce00f984ead7f8b40ba50477a6ca8f8b028fff5439efa416ecf200e2ad45b0fda9c15a0f526658e8c3026ecb6128426b7737cf002d9713d6b58
Static task: static1
Behavioral task: behavioral1
- Sample: 144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe
- Resource: win7-en-20210920
Malware Config
Targets
- Async RAT payload
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext