General
-
Target
c606f5189c0ab97530d03f5ac2170c940e3dcaf5cf008672041aed7f11a3367c
-
Size
371KB
-
Sample
220520-3t5vhshee9
-
MD5
a66d66cfc418da4720c20b671cba331e
-
SHA1
d6f3ba61d0b0854b82573ebfcbea0cf2f95efe5d
-
SHA256
c606f5189c0ab97530d03f5ac2170c940e3dcaf5cf008672041aed7f11a3367c
-
SHA512
1ef69f2f4f43bfae7f8372a389b82a3b28e21f7f2ee4a21960e5b9648df3c34d5e10d3738f2d088bd56a57b25c45460a0b0a17042c3e83a7724d69eace6b2377
Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: chikadibiaezeude@gmail.com
Password: Godwithme2020ezeude
Targets
-
Target
sample.exe
-
Size
478KB
-
MD5
7fe68a75d5f97b92396dd4ccc87c520b
-
SHA1
e05743081dcfe789e19edbb96b9d28e09e5566eb
-
SHA256
aee3342cf4c2b1994336f3b0ebb9cf4a63c52fa41ef4430f83ac320aaba063bf
-
SHA512
0da16a7b747c6013f84f4d817187a8f037bb4141dd39596cce62b537109e9d1d9f61abe14f3053d58363bad2cddd7a721fa83e29f520356dd1e417d8753d55a7
-
Matiex Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-