General
-
Target
Specification.exe
-
Size
717KB
-
Sample
220701-mpp1haece5
-
MD5
20796a16b1839afba1f87ed53e7bd841
-
SHA1
d5bd0d0efc2059dbbf1eaaa30b1c859c313d9250
-
SHA256
2d0474bfb8aced6c0aacc081936209dc9287827e20284160ceae3edca8a50184
-
SHA512
ad809362c428bdd0d30f56e4fe8f4bfd7960849575451b33c642d5fc7d424e7eb355ec3caba95f02040a80d505db4f04edf363dd7dbdbe79df94ccb22dbce09f
Static task
static1
Behavioral task
behavioral1
Sample
Specification.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Specification.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
Specification.exe
-
Score
10/10
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook accounts
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-