General
Target: bcb3f5843cba83b163c793e06e5d583a021da1c5794fdd7e484e6ad0f9655e8f
Size: 624KB
Sample: 220126-ada1zsadb8
MD5: 041e966e088ae931009805da96e4997d
SHA1: 09877b64628255c310a4dd310593a6c52b1db9dc
SHA256: bcb3f5843cba83b163c793e06e5d583a021da1c5794fdd7e484e6ad0f9655e8f
SHA512: c201f5b6c3a223e2064abcd7966edfd01f5df9f5e5d0c59a4d376141a86a60252e1c5cd6b1409d93dc6ee6ab886d271f5790ebae5d6721361f2f7a044dbf7290
Static task: static1
Behavioral task: behavioral1
Sample: bcb3f5843cba83b163c793e06e5d583a021da1c5794fdd7e484e6ad0f9655e8f.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Async RAT payload
Sets service image path in registry
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext