General
Target: 3af069d5ff9c683e5c4a13a9cb01d86baf46d058e2add164085093cdb9bd28e4
Size: 457KB
Sample: 220703-wy724sdha4
MD5: 9d9f64b316d0a78f943f9768b0b4b481
SHA1: fbd8f583b3a9da69ad2b39824f95120322f503f7
SHA256: 3af069d5ff9c683e5c4a13a9cb01d86baf46d058e2add164085093cdb9bd28e4
SHA512: 1af5672f263ab6d27b4a419cb5d1930d116284cf92632b86ffd3475f85e0abf5407f331a75594d9866b8c1f0f38b2f058f59ed838104fcecd02dc9b2ef9dcff1
Static task: static1
Behavioral task: behavioral1
Sample: INQUIRY NO- 2744.js
Resource: win7-20220414-en
Malware Config
Targets
Target: INQUIRY NO- 2744.js
Size: 2.1MB
MD5: 2f3507015138a0ef0d3c91fca1fcf5f2
SHA1: 7cf3028b2f73ee9a7474b242721fbf9d1639e6c8
SHA256: bde745851b6cfd0b1f52692ff12873484fc0553f0a4c22976a71404991557655
SHA512: 62c2ad91c890f7763063625f8f4dcee4f4eb845de9bd9ea9a65988d9915e55095c77c492848ecd66567c17ddc0d5bada37edc05a89dc0fc6fb1f76568f75aa68
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext