General
-
Target
ad8002665212315615652315615dd45165456456f46456a46565465456a5641321564ca546546ff4654265165165425646789462564616546516fa4561646546pdf.exe
-
Size
672KB
-
Sample
220928-lxlglsfee7
-
MD5
c15c06202479856ab3f043062ba19982
-
SHA1
7331fb30be702664f12c1b259d836526e8c4eaee
-
SHA256
2c43108365bff7cfaa206e1232b973ec0028fe1f5ab7b0c64154cd27bc9d193e
-
SHA512
2bb3e92e8786e22454a6a206f7fb90ecf37352f3e0f93dcaa3329b6865474ea1bd4f187390fa579addc68fddb2630a73e4bd918e5486f15963d40440af442445
-
SSDEEP
12288:GzpFvtttDZ0k4A1A+42wY99DgFA1acULgwpa6O8QlaIPbSf8CGnYXl:GFtth11AguFYHmy8QMsSf8GXl
Static task
static1
Behavioral task
behavioral1
Sample
ad8002665212315615652315615dd45165456456f46456a46565465456a5641321564ca546546ff465426516516542564678.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ad8002665212315615652315615dd45165456456f46456a46565465456a5641321564ca546546ff465426516516542564678.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
ad8002665212315615652315615dd45165456456f46456a46565465456a5641321564ca546546ff4654265165165425646789462564616546516fa4561646546pdf.exe
-
Score
10/10
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-