General
-
Target
4b1eefe8c1d3d410cedbec6cddcd977db621603205756d4dd8f7fb5d6f292213
-
Size
328KB
-
Sample
221124-qw8mzagb68
-
MD5
95c6972552be2a5ced9ebb3b2aecc327
-
SHA1
a779d25631420973651ad3ac9dbb46805a244546
-
SHA256
4b1eefe8c1d3d410cedbec6cddcd977db621603205756d4dd8f7fb5d6f292213
-
SHA512
5cbd22c6aba41d4b3af51acb1d0458efed58c09bd8e29fe5819b818870d136558c95e9e162e304b99ba8849a53cc0f851bf447ee9400d2804196ff7ae8917d9f
-
SSDEEP
3072:wvBdkm5RdXLMZIY94FPuWvAX260QuwNO2NIWjcyVbiWjnoQmAcpMIrbqIKz+Omzy:WLLMSWWcdZV9noQoC7oVQv9GLx9YIjY
Static task
static1
Behavioral task
behavioral1
Sample
4b1eefe8c1d3d410cedbec6cddcd977db621603205756d4dd8f7fb5d6f292213.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4b1eefe8c1d3d410cedbec6cddcd977db621603205756d4dd8f7fb5d6f292213.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
4b1eefe8c1d3d410cedbec6cddcd977db621603205756d4dd8f7fb5d6f292213
Score
8/10
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks for any installed AV software in registry
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-