General
-
Target
f1fdc6b05605137aabff3b59e49b489866673a93706d52247a74f1c6441ed333
-
Size
220KB
-
Sample
221123-pymmvace73
-
MD5
31a3abe2824e6e4cce48e207df6b3aa5
-
SHA1
cd1466b5c1e964c53ade0acdcd3ad6ecf2fc8505
-
SHA256
f1fdc6b05605137aabff3b59e49b489866673a93706d52247a74f1c6441ed333
-
SHA512
c93a1310ebcfe3472e68a4db45d1dabfabaa18711997286d9f2986bae1d63d66f3e09a397c6bde3c12d11e4669b6e9a699fa6ad09a657d603c1749e45971e7e2
-
SSDEEP
3072:xKNQHcGBMVpXUxRVE+FXeRiD1zuO9T1eRp7VFtJW6uVRK0q/3/v:xK5+MVpWRVyR6uI1eP7VFtJkwv
Static task
static1
Behavioral task
behavioral1
Sample
f1fdc6b05605137aabff3b59e49b489866673a93706d52247a74f1c6441ed333.exe
Resource
win7-20221111-en
Malware Config
Targets
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-