General
-
Target
Detalles de facturas vencidas COMPAÑIA CLARO.exe
-
Size
913KB
-
Sample
220702-e5nhlsdbhk
-
MD5
2f28b1b002f2f9548bd1628c68f86ec5
-
SHA1
c692aaad7f27ffcc21a20294e9745d4d48a58971
-
SHA256
67b1918dd74d4688f5daffd8855edd0cfd9e8e1e5db7bf064b12eec82fd4b240
-
SHA512
986a8d9efa4f8fc159d5e933eb390a1945b3fb344d45e6884e523ebcabd71772ff72f54e5fae5865bb4a5b65defc8f14e03e3ca4aa26e7e2766c643307f66a14
Static task
static1
Behavioral task
behavioral1
Sample
Detalles de facturas vencidas COMPAÑIA CLARO.exe
Resource
win7-20220414-es
Behavioral task
behavioral2
Sample
Detalles de facturas vencidas COMPAÑIA CLARO.exe
Resource
win10v2004-20220414-es
Malware Config
Targets
-
-
Target
Detalles de facturas vencidas COMPAÑIA CLARO.exe
Score
10/10
-
DarkTrack Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-