General
Target: 5f45771a2772d2d388cae5127912022a2f7149e9a5a668aaf1de9bc25987bc62
Size: 377KB
Sample: 221125-x71vtsab86
MD5: dd5740ab02491ee1d9a7a1203f37cdd7
SHA1: 3cf89c9b5a7ccc00be23e0abbf9626d78c838d43
SHA256: 5f45771a2772d2d388cae5127912022a2f7149e9a5a668aaf1de9bc25987bc62
SHA512: 2cc04351120d7a042cb09c590eabe04fefabcae993d590c5d665bc5b1ecd3ebe7d408a1ddefa304c3dbd87d56111302db33f4ca0e43df5c18577d8a03119a6d9
SSDEEP: 6144:FKz+Bna2+vRSPFt2XkcXaiV11zGommV1MAP1KY+g6gPeTbUNRsWebimiFRl:F0yadRSNt2XkWai31zGYZb+g6UCbUNRF
Static task: static1
Behavioral task: behavioral1
Sample: 5f45771a2772d2d388cae5127912022a2f7149e9a5a668aaf1de9bc25987bc62.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 5f45771a2772d2d388cae5127912022a2f7149e9a5a668aaf1de9bc25987bc62.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 5f45771a2772d2d388cae5127912022a2f7149e9a5a668aaf1de9bc25987bc62
Score: 8/10
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext