General
-
Target
03b841fc953b4e51fc53b5cd725e85098cefb9e2e48bb49cef2600251745bd1d
-
Size
681KB
-
Sample
220126-gs9anahgd7
-
MD5
3602c23ee74f582aa7264365dfe6ae31
-
SHA1
ff1ef17038075bf5c43a43126b98794428453e99
-
SHA256
03b841fc953b4e51fc53b5cd725e85098cefb9e2e48bb49cef2600251745bd1d
-
SHA512
73243c38a136a2186d04374c14ab5e1699f2f5e348b39820f34b88af39711ffc8fe8a2d33598392c0fe047d15cc00e53f74753e747d8ac46d976fa563635a9c3
Static task
static1
Behavioral task
behavioral1
Sample
03b841fc953b4e51fc53b5cd725e85098cefb9e2e48bb49cef2600251745bd1d.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Async RAT payload
-
Sets service image path in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-