General
Target
501079482648396c40bba81e38661c35ff927a8331ce8d4d23e5e5b34b844495
Size
2.1MB
Sample
221125-kqqmbaee33
MD5
34597bd8d6fd56c99db5ef23f1a61924
SHA1
fbcf6058c106f4110002875befa0fbc8e957670a
SHA256
501079482648396c40bba81e38661c35ff927a8331ce8d4d23e5e5b34b844495
SHA512
af364eed28a27991b600b2bead8319d01ce5318572620e3ab2f1d0a962f70607c11b19b96a5782095355751a8823b5c0b1801cf4c67449ed613a89e1646a39b9
SSDEEP
49152:7TD/sqM5pQr+eBLVyZEaKFVAmf5eZRqg1AKpABgh2RCBZm+2j:nD/lM5pE+evqE7AmxeZJy3BgkRcZa
Static task
static1
Behavioral task
behavioral1
Sample
501079482648396c40bba81e38661c35ff927a8331ce8d4d23e5e5b34b844495.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
501079482648396c40bba81e38661c35ff927a8331ce8d4d23e5e5b34b844495.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
501079482648396c40bba81e38661c35ff927a8331ce8d4d23e5e5b34b844495
Score: 8/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger