General
-
Target
ef734aafa5d4712a8eecdd7b63ba895fe6869c221acbd9038e65a472426d78d9
-
Size
1.2MB
-
Sample
221123-lqd4ysca24
-
MD5
38df01b430a44e714e2872cb069dbb9c
-
SHA1
7593a65f30da17196b2c6abe94902271dbe78063
-
SHA256
ef734aafa5d4712a8eecdd7b63ba895fe6869c221acbd9038e65a472426d78d9
-
SHA512
5cff7614117cc68bd77104a57723b85d3875d98708039149f57eef7392e88bd1c2881a4892510768c72d0ffcdab515b4db9dd553b5e59152ba783c9945a4828c
-
SSDEEP
24576:Gt24QdLl+X+2FHARUBZQqE/aoepkbAy2945mynFz9VRQYQavcMj:M+g1TZQRanpry2jynFzPRQYQavco
Static task
static1
Behavioral task
behavioral1
Sample
ef734aafa5d4712a8eecdd7b63ba895fe6869c221acbd9038e65a472426d78d9.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ef734aafa5d4712a8eecdd7b63ba895fe6869c221acbd9038e65a472426d78d9.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
ef734aafa5d4712a8eecdd7b63ba895fe6869c221acbd9038e65a472426d78d9
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-