General
-
Target
85ab080597b47467ad4145a456c9cc85da9036a2892b7ebd06121f05c9dcb7ad
-
Size
668KB
-
Sample
221019-2a4mnsbbbq
-
MD5
a13bb28a1775aacb5d648c0b4efada40
-
SHA1
b97cc6e019a4a52e411eb1e75d349d18364bb0a0
-
SHA256
85ab080597b47467ad4145a456c9cc85da9036a2892b7ebd06121f05c9dcb7ad
-
SHA512
f770c55d7b933a27c1450c9b38fd988c9ccc82f6bd572fe81f3aa41202eeededcc193c2daa57b860fec28d062313cd9ea8244f9baff73bf5c3873500b3f8660b
-
SSDEEP
12288:9hp8giY4D6Qk5riGBVZ6Oh5ZYOZ90xHPlbGPT0uRawf6yYVgxP+eyCgPdYq3NIX0:9X8gj4bk5r7VZ6s5ZFZ9YHPtGPouRn6d
Static task
static1
Behavioral task
behavioral1
Sample
85ab080597b47467ad4145a456c9cc85da9036a2892b7ebd06121f05c9dcb7ad.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
85ab080597b47467ad4145a456c9cc85da9036a2892b7ebd06121f05c9dcb7ad.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
85ab080597b47467ad4145a456c9cc85da9036a2892b7ebd06121f05c9dcb7ad
-
Score
10/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-