General
- Target: 5b87c6f4f1f3e64668fdf3adaf30a0f184ee96e9676f36f15fbefb29052b467e
- Size: 1.1MB
- Sample: 221123-lp7pwabh94
- MD5: c0472277dc8d80ecc9522a9d8fe734a0
- SHA1: 0047a28f9337e4404afde444919aaf08922c98d5
- SHA256: 5b87c6f4f1f3e64668fdf3adaf30a0f184ee96e9676f36f15fbefb29052b467e
- SHA512: d040424304b431dccb46fb95e853ef318d32b8d0b0046d567860fff243cd3f60d41e6c6742001ed903d46aec681dadf9d05d8dde9d16242254b03444a4eb52e6
- SSDEEP: 24576:74lavt0LkLL9IMixoEgeaWwmRGgl5bWq9MmCS:Okwkn9IMHeaWwtU5KaPCS
Static task: static1
Behavioral task: behavioral1
- Sample: 5b87c6f4f1f3e64668fdf3adaf30a0f184ee96e9676f36f15fbefb29052b467e.exe
- Resource: win7-20220812-en
Malware Config
Targets
Score: 10/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext