General
Target: 9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d
Size: 867KB
Sample: 220625-lfnweaegek
MD5: 8cd4959a5cd09b4c4192bf1c1a3a796f
SHA1: b59225976d8197e38cb5bc1d13b8a5ed1d0a25c9
SHA256: 9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d
SHA512: b1c92e532dbb3d5a1d57845d48694c9087c1a02b713700194593a4b22745366003c61ed3278fcb8276355a7996d276559ba6eb108306fd9417fcf2a5ad2b7d71
Static task: static1
Behavioral task: behavioral1
Sample: 9f54853cd9ca3de3f36a870d6c6b7ad122d529e6dcf97bf6c88a839fb6ba032d.exe
Resource: win7-20220414-en
Malware Config
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Drops desktop.ini file(s)

Suspicious use of SetThreadContext