General
Target: faeee77c30327f57740e4f629631bfed46e70e68ed2ed09186433de9cd252a93
Size: 849KB
Sample: 221125-s318ksca4x
MD5: bf350cf4757a520127a3e6de80b76754
SHA1: a74f40b3ad24b2c48b32c0fb76a57dec2c212ce9
SHA256: faeee77c30327f57740e4f629631bfed46e70e68ed2ed09186433de9cd252a93
SHA512: b5eded250ae4fa4edca09b6a9512dc5eb302fa1f17e89de4116fac032207437b5069bac621016ddb7b0410fae01f3bc8086720044840d9e44adadfcb63df9894
SSDEEP: 24576:Ws7TqIBdD9hOxSxo0k+HqYkQ0TLRhbqMS8F:Ws7TVOl0k+kVRhGm
Static task: static1
Behavioral task: behavioral1
Sample: faeee77c30327f57740e4f629631bfed46e70e68ed2ed09186433de9cd252a93.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: faeee77c30327f57740e4f629631bfed46e70e68ed2ed09186433de9cd252a93.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: faeee77c30327f57740e4f629631bfed46e70e68ed2ed09186433de9cd252a93
Score: 10/10
Modifies WinLogon for persistence
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Suspicious use of SetThreadContext