General
- Target: 092c22cf22105d144de979b952ac24e306580e583bf15e34595dd73af10d51fc
- Size: 650KB
- Sample: 220701-sf6vjshdcl
- MD5: 4f0001ab444cf514afa8ef16347b5705
- SHA1: 76e9836a1532a704b351c0d36f489c19f667c457
- SHA256: 092c22cf22105d144de979b952ac24e306580e583bf15e34595dd73af10d51fc
- SHA512: dd568e0fc4dbc4096433747ff98036b960070cc2c3cf7653ba462132894c926f937594ae593108e26999346fd97c55f01a16068abab7488c44fca78c34316303
Static task
static1
Behavioral task
behavioral1
Sample
Quotation_output286C8B0.exe
Resource
win7-20220414-en
Malware Config
Targets
- Target: Quotation_output286C8B0.exe
- Size: 1.1MB
- MD5: bcfce87c088955b1f7db326d2ea20974
- SHA1: 1e24d9270c35f532acb840f6491fe148b3d5ab24
- SHA256: 2aa7b820732b4617b4ff37d318478abc78cbf8e98f49d2724ca1fc7eeac6a4cd
- SHA512: 6cf47b638a6832e71b56e65c519ff6544d5337e9cb9004438950ffe41b6a97c1191b6720f274ff114b0bf8949626f2d787031c6e87c510e0deb60a6d58f62996
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext