General
Target: 93e50513752ec7431a1e1a5a50fbaf66d1dabebb00753fb40c5ea3cb74f797ca
Size: 6.1MB
Sample: 220415-h2lfmabbek
MD5: 482e2fa27a9d4ed483feedcc72ce3b48
SHA1: 2fd62a89e0495211eab4b3aaac68b88498f3c0a9
SHA256: 93e50513752ec7431a1e1a5a50fbaf66d1dabebb00753fb40c5ea3cb74f797ca
SHA512: 35582b0cd5557f9bd38898fa87f4f46411dbfbee4390c23fcec2ff55ad9ae5f3d33e6c14222e0a5753e295fb80fb5da906d9123d866820db6c21c2f24774fa82

Static task: static1

Behavioral task: behavioral1
Sample: 93e50513752ec7431a1e1a5a50fbaf66d1dabebb00753fb40c5ea3cb74f797ca.exe
Resource: win7-20220414-en
Malware Config
Targets
Target
93e50513752ec7431a1e1a5a50fbaf66d1dabebb00753fb40c5ea3cb74f797ca
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-