General
-
Target
299790ad7148fcae3d433c8265533e2fcbb620c04ab4896d44a1f9dc5b8e3f61
-
Size
887KB
-
Sample
221125-2dwfgaed9x
-
MD5
5fa6538471d30c084c0257b80a8a4d5e
-
SHA1
756e754223382739063d7420807871d255bff53d
-
SHA256
299790ad7148fcae3d433c8265533e2fcbb620c04ab4896d44a1f9dc5b8e3f61
-
SHA512
8a3af2d7efd474bd95ae734ef73e323e04c7d2de9c461dee87574b07769ca046e2545a7393e3a7d54b18e6cd3635a8c59b052e162c63b091de1b7c20a9de636b
-
SSDEEP
12288:kYCr8rgkNxnHaFP78jdwOt/XbLAo0tjUe8NA3cNNC/Q5PXTcVgdv240dEeqYW9nM:NCYL7aJ8pwGXbD0tjBwCvI5YW9lm
Static task
static1
Behavioral task
behavioral1
Sample
299790ad7148fcae3d433c8265533e2fcbb620c04ab4896d44a1f9dc5b8e3f61.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
299790ad7148fcae3d433c8265533e2fcbb620c04ab4896d44a1f9dc5b8e3f61.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
299790ad7148fcae3d433c8265533e2fcbb620c04ab4896d44a1f9dc5b8e3f61
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-