General
-
Target
e9941d6066edc610eeab228d15dc7cea14d2613d5005e2040ba49d510c012757
-
Size
300KB
-
Sample
220619-h78s4sgah9
-
MD5
925e5cc6c24e1e19a63e0864fb3b0b7e
-
SHA1
50b910f1c263181179dcd374116384309c1452bd
-
SHA256
e9941d6066edc610eeab228d15dc7cea14d2613d5005e2040ba49d510c012757
-
SHA512
f91c1a890f74dd637bc1a99f13a2c0de522a088246a10e065c2246bb531082ce872205520843386125e1421d456243885466a1307985446a82ec223b42f71246
Static task
static1
Behavioral task
behavioral1
Sample
e9941d6066edc610eeab228d15dc7cea14d2613d5005e2040ba49d510c012757.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
tofsee
svartalfheim.top
jotunheim.name
Targets
Target
e9941d6066edc610eeab228d15dc7cea14d2613d5005e2040ba49d510c012757
Score
10/10
-
Creates new service(s)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-