General

Target: df044df75d68bdc85e0ba0821df2574d128532837eca817e83a4412ce27fc862
Size: 312KB
Sample: 221125-hqhklahd99
MD5: 5d00627acef34a061468495b8b122926
SHA1: 1c22ab8f0fb40143f2695255da641d738b976d89
SHA256: df044df75d68bdc85e0ba0821df2574d128532837eca817e83a4412ce27fc862
SHA512: 01e1ddfa3026293281e898e83fe9c717ec2ac04c200a2e5372e1328a0d99edc47f1183a70952faa9334f8322dd40d012a598ca14d53e5f3b02030d5f12d43acc
SSDEEP: 6144:iBUKwblom4GBI4GdS12lZYp0kzrbWA0SCT1cACTfgjdlA:3xlom4G+4Go1MOxeA0z1kfgjdlA

Static task: static1
Behavioral task: behavioral1
Sample: df044df75d68bdc85e0ba0821df2574d128532837eca817e83a4412ce27fc862.exe
Resource: win7-20220812-en
Malware Config
Targets
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Suspicious use of SetThreadContext