General
Target: 4bd1f8d8dbd0141a3671d13da19b307f24fe31bbdc5e3100c8b70b0035efb401
Size: 248KB
Sample: 221125-b93xbagb6z
MD5: 59ec1fc933476c91845dc48f1a7c70e7
SHA1: 6ea46d0e2c8659ce415edc1652fc67a683ea66a1
SHA256: 4bd1f8d8dbd0141a3671d13da19b307f24fe31bbdc5e3100c8b70b0035efb401
SHA512: 4d1d2522d5a90d3dc035437bea6837b58d2b75c3f0d38b8b565b98a721c9524e636f364067a0ec2f62843ee951fd7db4eb076b6c7fc9f413fce2abf8395b0cd7
SSDEEP: 6144:ydSrFa3PA+X+H2Dsqiq4DMKXJk6e9pZHhYTHyZ9LtjV:QA+OW70UTlh2Sf
Static task: static1
Behavioral task: behavioral1
  Sample: 4bd1f8d8dbd0141a3671d13da19b307f24fe31bbdc5e3100c8b70b0035efb401.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 4bd1f8d8dbd0141a3671d13da19b307f24fe31bbdc5e3100c8b70b0035efb401.exe
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 4bd1f8d8dbd0141a3671d13da19b307f24fe31bbdc5e3100c8b70b0035efb401
Score: 10/10
- Modifies firewall policy service
- Adds policy Run key to start application
- Executes dropped EXE
- Modifies Installed Components in the registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext