General
Target: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2
Size: 1.0MB
Sample: 221002-2pe8madhd8
MD5: 6f110e5d0e28b1c4ffad266eee0049bb
SHA1: a2f820433b5ccb1415126811c9bf0f3854b086bd
SHA256: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2
SHA512: f77bb882ec2c7e2fe8cfae0f0f156f9416fc2ecdb036c5cf0a1a3160c202b88f1b1aa63cf0d118fb92c243e595a87a6e7bcc0543418d2b6961d1388f3177b00d
SSDEEP: 24576:02O/GlfYe5SrSwO45TYl3y4JU9L2gfV7nJQ5WRPuCQ7i2:vYmt8I3yv9jdbJqWRPuri2
Static task: static1
Behavioral task: behavioral1
Sample: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2
Size: 1.0MB
MD5: 6f110e5d0e28b1c4ffad266eee0049bb
SHA1: a2f820433b5ccb1415126811c9bf0f3854b086bd
SHA256: 28e651659becc0d7a854a0ad210f6ac1c0cbba7a17ecfb1c09cfbdfb2cb998c2
SHA512: f77bb882ec2c7e2fe8cfae0f0f156f9416fc2ecdb036c5cf0a1a3160c202b88f1b1aa63cf0d118fb92c243e595a87a6e7bcc0543418d2b6961d1388f3177b00d
SSDEEP: 24576:02O/GlfYe5SrSwO45TYl3y4JU9L2gfV7nJQ5WRPuCQ7i2:vYmt8I3yv9jdbJqWRPuri2
Score: 10/10
- Modifies firewall policy service
- Modifies visibility of hidden/system files in Explorer
- Disables Task Manager via registry modification
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext