General
Target: fdda853b067a704276a822cc0f2e5febd68d8d842e78cb4cb4fb255c4af0442e
Size: 408KB
Sample: 220521-b7zf4sgdfn
MD5: 25019ae1bc7fc82eed97ea8be7642dcf
SHA1: 692d041ce89796874416c86bfba65803f8f85eef
SHA256: fdda853b067a704276a822cc0f2e5febd68d8d842e78cb4cb4fb255c4af0442e
SHA512: dbd07960a1618e6d287cadc77cdacd51b7bd2aac1874dd254b7c1f1f99b393f9840288693029ebd0993cfda387cc9a091f505161efe5d809c1a45300318567e1
Static task: static1
Behavioral task: behavioral1
Sample: Fenc_General Presentation.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Fenc_General Presentation.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: Fenc_General Presentation.exe
Size: 447KB
MD5: 6550d5ad0410e634c7bab8e161fadf88
SHA1: 8819193d0ad3e5c5717107aca3920ed283c53e80
SHA256: bd2bf7c79dda8208f9ec0c2199d1ec61058aa43bbe6f8548623444fc143a3aec
SHA512: 57eb107f455af652096ea9bef547c90e460216a948883bf70564651d058b039ad62ad4e80c1c52ec15218d58dcb4bb8b2b48830b37bde30962a5c676838bd39c
Score: 10/10
Adds policy Run key to start application
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Suspicious use of SetThreadContext