General
Target: 70f4d7dc4bcfe2a231f5407a9b37743ca1397f04f358a41416cc1ce17f3b4dea
Size: 678KB
Sample: 220126-j1er5abah4
MD5: 85ab0f963311cda7e0c1e7028dd30e34
SHA1: 832d6afd5707a3dfda94db1587802a7afd5221ca
SHA256: 70f4d7dc4bcfe2a231f5407a9b37743ca1397f04f358a41416cc1ce17f3b4dea
SHA512: 283ac02efbef15f7c2652fc5d9ca75187856ca49f24cff32e2ab3d08611570d9a3b806b50a52c69099a681094b8a9ca5e48bb167b48fe2aa7fa7224eb62cbfbb
Static task: static1
Behavioral task: behavioral1
Sample: 70f4d7dc4bcfe2a231f5407a9b37743ca1397f04f358a41416cc1ce17f3b4dea.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Async RAT payload
Sets service image path in registry
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext