General
-
Target
a016b8b59f1c3da0242ef7cfbf2f096a6cd33c12cf7ff0fd93d57557f3675948
-
Size
295KB
-
Sample
220125-2ct61sggh2
-
MD5
c30ab024549c5f092a6ea3dd5c20564d
-
SHA1
f349ea57c8c43dc1b8c4e3ef618afc96056bce99
-
SHA256
a016b8b59f1c3da0242ef7cfbf2f096a6cd33c12cf7ff0fd93d57557f3675948
-
SHA512
35debaec0eacf792f6b354b90a58da9bc97069865461eceff11c763e69c914eed698c9b68104ba17b5778b873dacecc468fdbb18f15d6dfef03a248d7989bba1
Static task
static1
Behavioral task
behavioral1
Sample
a016b8b59f1c3da0242ef7cfbf2f096a6cd33c12cf7ff0fd93d57557f3675948.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
a016b8b59f1c3da0242ef7cfbf2f096a6cd33c12cf7ff0fd93d57557f3675948
Score
10/10
-
Async RAT payload
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-