General
-
Target
18e33ed1f96de2ebb3856fb076f5d1fc2503d02f628e985d1fa94988bc124ea8
-
Size
851KB
-
Sample
221125-j6jm9sgf8w
-
MD5
4591a24e9159fbd0d8ec745cb5277420
-
SHA1
2b8ea5429bbf72bc03b4f9f859d544ea4648dd54
-
SHA256
18e33ed1f96de2ebb3856fb076f5d1fc2503d02f628e985d1fa94988bc124ea8
-
SHA512
08243bf2b453aec913193896d194d14814298820669f961d1f81b9343c496d1c401ac9e7ef655762b35c9d40fc379fa18fadb3641710604ad0f6270fde93ad15
-
SSDEEP
1536:ybcbXVDMo9fgw5Y0ZlUmp/xLVQ8GW9AWPdApTbJ7mLcaQ9yrKYcU:yWMot5Y0Z2enQ8G0AVpTTaOyrv
Static task
static1
Behavioral task
behavioral1
Sample
18e33ed1f96de2ebb3856fb076f5d1fc2503d02f628e985d1fa94988bc124ea8.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
18e33ed1f96de2ebb3856fb076f5d1fc2503d02f628e985d1fa94988bc124ea8
-
Size
851KB
-
MD5
4591a24e9159fbd0d8ec745cb5277420
-
SHA1
2b8ea5429bbf72bc03b4f9f859d544ea4648dd54
-
SHA256
18e33ed1f96de2ebb3856fb076f5d1fc2503d02f628e985d1fa94988bc124ea8
-
SHA512
08243bf2b453aec913193896d194d14814298820669f961d1f81b9343c496d1c401ac9e7ef655762b35c9d40fc379fa18fadb3641710604ad0f6270fde93ad15
-
SSDEEP
1536:ybcbXVDMo9fgw5Y0ZlUmp/xLVQ8GW9AWPdApTbJ7mLcaQ9yrKYcU:yWMot5Y0Z2enQ8G0AVpTTaOyrv
-
Modifies firewall policy service
-
Modifies security service
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-