General
Target: 30cc674865403c5ad3eb246fbb4eb71cad63f4d044fcce96d9949d172497323c
Size: 825KB
Sample: 221004-gx614afcdp
MD5: 2cc680307934db679476001c2d42501a
SHA1: 2285e76059caa519e497df60787fb12ddba47b28
SHA256: 30cc674865403c5ad3eb246fbb4eb71cad63f4d044fcce96d9949d172497323c
SHA512: cec33f1e326782682721cad7c1f106ebeb83ba636b39d62f76971cd63f986b8da8326e29f6994ce047321d90c86e25f6e8950becc1e85bd668843afeb80042fd
SSDEEP: 24576:+4qMHqSqV7zbRbJ1NMJwktXvIA0NC3Oh+FJD:+4q+7E9J1NMxt/IA0C3Oh+3D
Static task: static1
Behavioral task: behavioral1
  Sample: 30cc674865403c5ad3eb246fbb4eb71cad63f4d044fcce96d9949d172497323c.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 30cc674865403c5ad3eb246fbb4eb71cad63f4d044fcce96d9949d172497323c.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Score: 10/10
- Modifies WinLogon for persistence
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext