General
Target: 9d8203962d8b5788b97804558e4347eb.exe
Size: 1.5MB
Sample: 221001-jh493agfhj
MD5: 9d8203962d8b5788b97804558e4347eb
SHA1: fbfec5c5bc40fab91e44e347d3429aa773968e06
SHA256: 03c4a886c03d8eed421aa32b2df96d4b9a107d09aa5d797e69791b1b92794519
SHA512: a39ad21c40e6a623cfc1c9f8919b413af966f90e8847c2dcca7a85bca5908de0837a5ac11ba997ea0ee6e931775c0a01806b81f1f7a384d2294476c939ce6855
SSDEEP: 24576:277xjRO4/1gy4+aDckmi7DaC+V+aqaGI5KMADy2n1Cpp4c7cxXZw:c7xjRJgywDCyDSWaCM0y2ngHdmu
Static task: static1
Behavioral task: behavioral1
Sample: 9d8203962d8b5788b97804558e4347eb.exe
Resource: win7-20220812-en
Malware Config
Extracted: systembc
89.22.225.242:4193
195.2.93.22:4193
Targets
Target
9d8203962d8b5788b97804558e4347eb.exe
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext