General
Target: f7677db1078c998f8b24486fc49f52cc7be0cfa707e70f7b05fe3c7e49d4a1ad
Size: 635KB
Sample: 220725-gftdnshchk
MD5: ed2250ce67d2af04df7cacb3aefebca8
SHA1: 273b9b13ef5a44280acc7906169de5817522d71a
SHA256: f7677db1078c998f8b24486fc49f52cc7be0cfa707e70f7b05fe3c7e49d4a1ad
SHA512: ccf908b64011b2163f5329ba403d06b8b19c8e3e2b32acb8e2c23ef639523865519fdb5458a81ac63e1e2bef52904fa5ba255eb967f19021673d953a8a5cb143
Static task: static1
Behavioral task: behavioral1
Sample: Scan Copy$$.scr
Resource: win7-20220715-en
Malware Config
Targets
Target: Scan Copy$$.scr
Size: 1.1MB
MD5: 7abe31b58ea898b5f25c33d9572d70ca
SHA1: a6be14ddb35a3d13d826bcc5833836b5ef4c8e4a
SHA256: 01dbae054610259b1b33585a88a042e8762ec1c5a239c9fd0f821dc240235c16
SHA512: bf56d9321467b93011258753e3fd976755e2f4a1e81a95a4b1fcdf3eff45a7e1a70d58049d6a9da2d00dc6a9c7536eaebe4a680f72f8a351b3456f246cf99110

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

AutoIT Executable
AutoIT scripts compiled to PE executables.

Suspicious use of SetThreadContext