General
Target
c1cca7728dabf7ce7ecdfaecc8c54412207aff39490cd557b1db568c97437100
Size
346KB
Sample
221124-yf3e1shg4z
MD5
8e5b11b4459592014296f9ab307004a6
SHA1
b0cd326c8389db2adeadd541cb21e1fbfb346c80
SHA256
c1cca7728dabf7ce7ecdfaecc8c54412207aff39490cd557b1db568c97437100
SHA512
a9cac4fbd5eb23fa15564bcfac2734171b4650d7bf8e9218e917e2f0168667a88f0538c21f75ce6057355ea825bdddafee62afc063503e18bf6f824dd50d5b16
SSDEEP
6144:jPL9R55VPkcn0QtPoNHMTMnUDHohJMJ/rTK/Va13YTJt2:rpRZPA06MTMUqddC2a
Static task
static1
Behavioral task
behavioral1
Sample
c1cca7728dabf7ce7ecdfaecc8c54412207aff39490cd557b1db568c97437100.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c1cca7728dabf7ce7ecdfaecc8c54412207aff39490cd557b1db568c97437100.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
c1cca7728dabf7ce7ecdfaecc8c54412207aff39490cd557b1db568c97437100
Score
8/10
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext