General
-
Target
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de
-
Size
482KB
-
Sample
221011-laf9dafgd4
-
MD5
62f3ec290a4439799bbfd62283db801c
-
SHA1
ad32bfea862a3881eab78dd4fe63f04894f2c326
-
SHA256
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de
-
SHA512
de29cb271533ce259c206758273f3a5b4ad99fe1d07c9fe606e8a25c35472d128e85d6adef13f318fa719b8d2667cfe4bdfa8419d9a7823c13eb4f8e372f8d3e
-
SSDEEP
12288:W8jg5H7m3gidtHuK6abHin1fZZhjY/iNIv/:fqSg4HinHWiiX
Static task
static1
Behavioral task
behavioral1
Sample
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de
-
Size
482KB
-
MD5
62f3ec290a4439799bbfd62283db801c
-
SHA1
ad32bfea862a3881eab78dd4fe63f04894f2c326
-
SHA256
53d1f1a9d3709cf662eeb3a31ac65d17da82d7378bde20434f37f44fb34828de
-
SHA512
de29cb271533ce259c206758273f3a5b4ad99fe1d07c9fe606e8a25c35472d128e85d6adef13f318fa719b8d2667cfe4bdfa8419d9a7823c13eb4f8e372f8d3e
-
SSDEEP
12288:W8jg5H7m3gidtHuK6abHin1fZZhjY/iNIv/:fqSg4HinHWiiX
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-