General
-
Target
8854e55c47b161a9a34bbd04b9d50c0d7001437e3a9bbea2ab4a07bf9821fdf6
-
Size
182KB
-
Sample
220625-fjf23sehgm
-
MD5
fffdd134d751be12101103ffe3498666
-
SHA1
b010f97b315fd21c22172c982f35fb506d2ce0c9
-
SHA256
8854e55c47b161a9a34bbd04b9d50c0d7001437e3a9bbea2ab4a07bf9821fdf6
-
SHA512
fa763ae118ec25dfa8bd0785043f46a82e12a321fffea3b9f32f02f5f5b0262ec2a6d519737a127802ded5f3490dedef4874434f90d9beed9e04b6541821f1b0
Static task
static1
Behavioral task
behavioral1
Sample
8854e55c47b161a9a34bbd04b9d50c0d7001437e3a9bbea2ab4a07bf9821fdf6.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8854e55c47b161a9a34bbd04b9d50c0d7001437e3a9bbea2ab4a07bf9821fdf6.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
8854e55c47b161a9a34bbd04b9d50c0d7001437e3a9bbea2ab4a07bf9821fdf6
-
Score
9/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-