General
-
Target
532856fb0deaa8eae84400f25b6d03359db9a7316af586d94e1bbd82a55f10da
-
Size
444KB
-
Sample
220609-qjdl3acgg3
-
MD5
e9e4ded00a733fdee91ee142436242f4
-
SHA1
1b8fa1ff498a4f65c0ce778f3a918e4fed6f2728
-
SHA256
532856fb0deaa8eae84400f25b6d03359db9a7316af586d94e1bbd82a55f10da
-
SHA512
8e70d47876717c7d1342b7173aef4422175bc6bcdb4ccdbc43e2f2ca01adb0d7d030b739c414cba8c9a08d213e9522f28b893da1ab12ff24a6923acf7561bfe1
Static task
static1
Behavioral task
behavioral1
Sample
532856fb0deaa8eae84400f25b6d03359db9a7316af586d94e1bbd82a55f10da.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
532856fb0deaa8eae84400f25b6d03359db9a7316af586d94e1bbd82a55f10da.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
532856fb0deaa8eae84400f25b6d03359db9a7316af586d94e1bbd82a55f10da
-
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-