General
-
Target
a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e
-
Size
6.0MB
-
Sample
221124-afe3qahe71
-
MD5
972a4e05b3795bba2ed21cfde1d34229
-
SHA1
af8865d6144a4331e736819de4a335e4da3968e4
-
SHA256
a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e
-
SHA512
d1f3a00cb8150b2286a61823e4c2ee1eab6899a100b7c4133c8f4272dd29912c27a3c23c757ba065d59139afa9c1f51089a1f1d9538bb8559b6c4e54f21398b7
-
SSDEEP
98304:aup+CgTmGHqC3v/fq6Q3vxTSsTyVlP4AvZ8X16DhKWAZvhUdmWLOPvKlu0CbxaCd:F+JT8G/y6QMsTyVlPGMDhGUd7aylu0Cp
Static task
static1
Behavioral task
behavioral1
Sample
a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-