General
Target: 12a51367c5c85ff3c1dc73743cface2e01accecf2879a36adbddf566d52987b3
Size: 438KB
Sample: 220802-k722nsdcd9
MD5: 2f3d0323ba962334ef87ed098ad02289
SHA1: 5b4c70e331af83eaf384f45a01e322b094353375
SHA256: 12a51367c5c85ff3c1dc73743cface2e01accecf2879a36adbddf566d52987b3
SHA512: 1e33ace1068f614bfac35aa67733c2806328b586be273a611409df87be03c5edc9e312ab213004c8fab71453ef5e34e474d9273c4a97d95d135c18f440674ad3
Static task
static1
Malware Config
Targets
Target: 12a51367c5c85ff3c1dc73743cface2e01accecf2879a36adbddf566d52987b3
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext