General
-
Target
d1b958353020c2d0f1f6dfda38d088a137d83715c41ae056def611eb59b1f8e3
-
Size
646KB
-
Sample
220724-zq7yxsgah6
-
MD5
e58a489c64c2ef3645750a6f32cdb33b
-
SHA1
795e1300ddf9e19c1081f56858e193f6a523a724
-
SHA256
d1b958353020c2d0f1f6dfda38d088a137d83715c41ae056def611eb59b1f8e3
-
SHA512
5a57321cbc1fa268e8db8fa5295a900abbc55d5f95d7a2eef9d40ccc0e84be79c02013de86b83d42c1dd1a52208cbc8fec2d32455917b70ca389a9aca8183970
Static task
static1
Behavioral task
behavioral1
Sample
d1b958353020c2d0f1f6dfda38d088a137d83715c41ae056def611eb59b1f8e3.exe
Resource
win7-20220715-en
Malware Config
Targets
-
-
Target
d1b958353020c2d0f1f6dfda38d088a137d83715c41ae056def611eb59b1f8e3
-
Size
646KB
-
MD5
e58a489c64c2ef3645750a6f32cdb33b
-
SHA1
795e1300ddf9e19c1081f56858e193f6a523a724
-
SHA256
d1b958353020c2d0f1f6dfda38d088a137d83715c41ae056def611eb59b1f8e3
-
SHA512
5a57321cbc1fa268e8db8fa5295a900abbc55d5f95d7a2eef9d40ccc0e84be79c02013de86b83d42c1dd1a52208cbc8fec2d32455917b70ca389a9aca8183970
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-