General
-
Target
RLOI JS01-2.exe
-
Size
370KB
-
Sample
221005-asbwtschh2
-
MD5
82773c3d9fe4c2aecf34451f482e29c4
-
SHA1
6051b7f6a267911b4536c8c467b7237ccfd0cece
-
SHA256
c48c54a2b2b453e86b248a1ea9dbfe0d5b533db99e431dc8635c2763420c1afd
-
SHA512
e7c9eb748f5f1531273475afd563dd6e7da3a1731f7835d0b3b613675aa9065539f00fb320fe121f1999d012b4e7c9a9c220868e09533331b8d4dd0e0953a016
-
SSDEEP
6144:lTouKrWBEu3/Z2lpGDHU3ykJ1tC/cr+GM3qnWEbhGi:lToPWBv/cpGrU3y8tGclMreX
Static task
static1
Behavioral task
behavioral1
Sample
RLOI JS01-2.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
RLOI JS01-2.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
RLOI JS01-2.exe
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-