General
-
Target
32a56b4e67436bdd3d39809a9be949b8.exe
-
Size
275KB
-
Sample
220923-gynwxadcg7
-
MD5
32a56b4e67436bdd3d39809a9be949b8
-
SHA1
dac60ca2763d18ce9451b28f4d0a1d9fbdc3f4fc
-
SHA256
5f6475a6d18503fbc2eb916e32ed1d6b4769f58d364ef2f94c2fd1a52c9aa1df
-
SHA512
70b8dc7b1509cfa3975c97baa4a2b49746fac2438307ab97ae67bdd0e98d2d26e05f2e83c0349234b4deb9314715aea01084fd11e7f77b2d4bba856aa7726e47
-
SSDEEP
3072:KxWdQMVESKpObIWR9NmLp9yei5KG4ZGYV8cVpFY:KxWGYKg94rJZt
Static task
static1
Behavioral task
behavioral1
Sample
32a56b4e67436bdd3d39809a9be949b8.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
32a56b4e67436bdd3d39809a9be949b8.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
32a56b4e67436bdd3d39809a9be949b8.exe
Score 8/10
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Legitimate hosting services abused for malware hosting/C2
-