General
-
Target
2ca7888b89a4157c54503e10fb5b2f35d8752037e195540e168ab76e7db2caf9
-
Size
263KB
-
Sample
221123-r2v5hadb51
-
MD5
1b94757c66c44b7739a18ff3f7f0a594
-
SHA1
2a12455c62c8eb831363f7ad5b03aea96b7bfd65
-
SHA256
2ca7888b89a4157c54503e10fb5b2f35d8752037e195540e168ab76e7db2caf9
-
SHA512
f3390db17b4e7c7d027e5c9cbfba8295253c97c06674d67ab9e51e3b6dbd4fdeb417ac8b74baf0ea7623b12a2f3132c4c59ad7c4881a0f189a0c19d1c2ac8a28
-
SSDEEP
3072:uZFcX5uDAwaTGgAigWW6KYO9UHIF6gsml5uWTtS6Vh1Gsv4PYA:uZ75Pig16ycWJjl5HtS6VKsvyD
Static task
static1
Behavioral task
behavioral1
Sample
2ca7888b89a4157c54503e10fb5b2f35d8752037e195540e168ab76e7db2caf9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2ca7888b89a4157c54503e10fb5b2f35d8752037e195540e168ab76e7db2caf9.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
2ca7888b89a4157c54503e10fb5b2f35d8752037e195540e168ab76e7db2caf9
Score
8/10
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks for any installed AV software in registry
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-