General
Target: 3e61d54b27423519ef47608a2f5be733e7fae3cacd6db0a9b499dddf60d63bf0
Size: 1.4MB
Sample: 220701-jftqjsbga2
MD5: 06b1f141fdfdb0e11269be502f8b45b5
SHA1: 8565e1195e42a9f320e7bbb2cdc15a7b33a7cb72
SHA256: 3e61d54b27423519ef47608a2f5be733e7fae3cacd6db0a9b499dddf60d63bf0
SHA512: 80f9545c6a761b8785150e5881504c3ac2963430195109fa142f0f3ff316136db49aa1f05735a415344008513150fa98731df9904777603598f7b9f3884bfc95
Static task: static1
Behavioral task: behavioral1
Sample: 3e61d54b27423519ef47608a2f5be733e7fae3cacd6db0a9b499dddf60d63bf0.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: 3e61d54b27423519ef47608a2f5be733e7fae3cacd6db0a9b499dddf60d63bf0
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
- Suspicious use of SetThreadContext