General
-
Target
e481d4881a3189a1f38ed1a1d5de98c177004f94896c1780f0c5dbf3d6675f4e
-
Size
288KB
-
Sample
221029-r3eh5sbhfj
-
MD5
e8b9822f038f6493b75f7406c3d9c034
-
SHA1
64dec7efb1ac73a3fc8070f8f8cc4f643bc1ac7a
-
SHA256
e481d4881a3189a1f38ed1a1d5de98c177004f94896c1780f0c5dbf3d6675f4e
-
SHA512
948c132dcff502b817a85a8115893197c086d5ced73dbeec12e95f4fb60888694cd5172b2ebb341608070d81aaf1926861290a9329150363a170c2f512502171
-
SSDEEP
6144:whwxaxI9sBV1wbDmi5KblR0QJJuhDu5qcCvKhVVncAX1L:wyxXK1Ymi5sR0MqqLCvs6A
Static task
static1
Behavioral task
behavioral1
Sample
e481d4881a3189a1f38ed1a1d5de98c177004f94896c1780f0c5dbf3d6675f4e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e481d4881a3189a1f38ed1a1d5de98c177004f94896c1780f0c5dbf3d6675f4e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
e481d4881a3189a1f38ed1a1d5de98c177004f94896c1780f0c5dbf3d6675f4e
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-