General
-
Target
61f4cffbaf458455c6a2b535ab122054dfbf9bbe38ffc901628d6dcf59565826
-
Size
6.1MB
-
Sample
220415-ebx5yscbhk
-
MD5
791aaa29203972c86c9fe34f404001ea
-
SHA1
289ae7d7bc3f38dd4486926309c65937d0730829
-
SHA256
61f4cffbaf458455c6a2b535ab122054dfbf9bbe38ffc901628d6dcf59565826
-
SHA512
5202e11fd10fdcce03b4279660ef4c65f1df3d3be850a95401fd358e6b269a0716f026d453fdf7cb31045a1b35a183528a3b4743a76766d98387cad10c60904d
Static task
static1
Behavioral task
behavioral1
Sample
61f4cffbaf458455c6a2b535ab122054dfbf9bbe38ffc901628d6dcf59565826.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
61f4cffbaf458455c6a2b535ab122054dfbf9bbe38ffc901628d6dcf59565826
-
Size
6.1MB
-
MD5
791aaa29203972c86c9fe34f404001ea
-
SHA1
289ae7d7bc3f38dd4486926309c65937d0730829
-
SHA256
61f4cffbaf458455c6a2b535ab122054dfbf9bbe38ffc901628d6dcf59565826
-
SHA512
5202e11fd10fdcce03b4279660ef4c65f1df3d3be850a95401fd358e6b269a0716f026d453fdf7cb31045a1b35a183528a3b4743a76766d98387cad10c60904d
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-