General
-
Target
e80ac907c83884a675b31221c0f9cff0.exe
-
Size
1.7MB
-
Sample
220906-nyfc4aheeq
-
MD5
e80ac907c83884a675b31221c0f9cff0
-
SHA1
68830f46c5644e7496d320add7aae88f5ec3f14c
-
SHA256
9967989c15c0f7ae425e0980837f6caa91bd9475e97c935ff1ca9e00964423e6
-
SHA512
c0cc311c970b915e9996169189be4b49f25d4f421efa5fe1b1142a2c3698e451a710c724dd052c10f2517dd4949f4201ce5b828f19f75d8367d08d5de5761449
-
SSDEEP
49152:VumnFHeIqTwCtwzfyY2KGeCs6B1r55zYHF4:QmnFHe/TwCt2lGX5R5qHF4
Static task
static1
Behavioral task
behavioral1
Sample
e80ac907c83884a675b31221c0f9cff0.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e80ac907c83884a675b31221c0f9cff0.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
systembc
89.22.225.242:4193
195.2.93.22:4193
Targets
-
-
Target
e80ac907c83884a675b31221c0f9cff0.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-