General
Target: 51eeac69a7ec95246f2911db6c24103f6d4641ad9d0bc9d7a05ba76cfc73a351
Size: 1.6MB
Sample: 220717-rcj1yacack
MD5: 8dc37e79dea9c99664a8025a21870d3c
SHA1: b8b93e441f4d781412375f2844a3d3978ac03143
SHA256: 51eeac69a7ec95246f2911db6c24103f6d4641ad9d0bc9d7a05ba76cfc73a351
SHA512: b5d14b97406c5a2620e48025a661d28dbd37faa76e457904eb7bc66e31728025f99ad0a2536a187ee962cb24b7aa322d6eb8cb6ed41609c4c0ccf538a921b461
Static task: static1
Behavioral task: behavioral1
Sample: 51eeac69a7ec95246f2911db6c24103f6d4641ad9d0bc9d7a05ba76cfc73a351.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 51eeac69a7ec95246f2911db6c24103f6d4641ad9d0bc9d7a05ba76cfc73a351.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 51eeac69a7ec95246f2911db6c24103f6d4641ad9d0bc9d7a05ba76cfc73a351
Score: 8/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Uses the VBS compiler for execution
Suspicious use of SetThreadContext