General
-
Target
SecuriteInfo.com.Trojan.Inject4.43325.7583.18575.exe
-
Size
6.5MB
-
Sample
220925-hzc2gafabr
-
MD5
35309a7f136e2c60ac74e53d0963a1e1
-
SHA1
5cd75a85d5a8d9d86403527289bce54982a22dc1
-
SHA256
e0418fa6c397e401b1cfdbb5202296c45ea77100ae6f9c7e5868cc3393a854ec
-
SHA512
2624832b89cc792aab6b7f8366fd5afc5cf79aa5c3cdc20e45fd547b1d3d9a65ba057505f06ebf62b9dc6f71f104e152131b20c8cdcd6c5cd47b5c0c57b1a0ff
-
SSDEEP
196608:Pv5UAWrtJP706QWu8Cx6TTryUAv9Z0HfkN:n5hWrtl706Q/IH1Av9yHf
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Inject4.43325.7583.18575.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.Inject4.43325.7583.18575.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.Inject4.43325.7583.18575.exe
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-