General
Target: 214167e1feb613503ca6053634ac634f1f7acf688ba1b79534984e9c2cff2844
Size: 791KB
Sample: 221124-k512lagc4z
MD5: ba51fb93aed8c9bb74990ab647dabd53
SHA1: d15c1724ea659527cfdeba0ec0c4a07a9cdba5a1
SHA256: 214167e1feb613503ca6053634ac634f1f7acf688ba1b79534984e9c2cff2844
SHA512: 352674fc850d821a71f7194caf8b74c80a8876deae008d98bb5f1884d0f5abfa16b0b8cf661378244e934961494823ca7290e1b5d4cf8bfd9248841a48399774
SSDEEP: 24576:tt24wzbUct6DVLMmRzfDn3mes+W8lqLzaFmqj:JucJTJfbmesV6qLzaFmqj
Static task: static1
Behavioral task: behavioral1
Sample: 214167e1feb613503ca6053634ac634f1f7acf688ba1b79534984e9c2cff2844.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 214167e1feb613503ca6053634ac634f1f7acf688ba1b79534984e9c2cff2844.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 214167e1feb613503ca6053634ac634f1f7acf688ba1b79534984e9c2cff2844
Score: 8/10
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext