General
-
Target
61f9d2b055b4c6b2fcd157f73ae63cd1.exe.vir
-
Size
1.5MB
-
Sample
220930-sw1ngaehcl
-
MD5
61f9d2b055b4c6b2fcd157f73ae63cd1
-
SHA1
f4e42225c42c5378ccd4e03b7ccb465d79797388
-
SHA256
4119afdd7fb25978a0f7fa74cdb6be97df0a67ddc3607efbce5de855d9a765d2
-
SHA512
58e321c0d746ed4da8f7bbe19c4524544449a67f1f84b5cb87b3c64107bf6639ed0f163d5f5f8cfa58cbd7dbfacb12439cfea5376dc052f271df124e09fe2c3e
-
SSDEEP
24576:277xjRO4/1gy4+aDckmi7DaC+V+aqaGI5KMADy2n1Cpp4c7cxXZh:c7xjRJgywDCyDSWaCM0y2ngHdm7
Static task
static1
Behavioral task
behavioral1
Sample
61f9d2b055b4c6b2fcd157f73ae63cd1.exe
Resource
win7-20220812-en
Malware Config
Extracted
systembc
89.22.225.242:4193
195.2.93.22:4193
Targets
-
-
Target
61f9d2b055b4c6b2fcd157f73ae63cd1.exe.vir
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-