General
-
Target
974ef2d6473ca49f564a80a08562bffeb7efb729ecebdbedda9b0f9cbc367425
-
Size
3.3MB
-
Sample
221125-yajqqaae23
-
MD5
d6eb823813e14139e953e36249282933
-
SHA1
889381c0a3d3c751c790a25b0b0605ea1fe5ad2b
-
SHA256
974ef2d6473ca49f564a80a08562bffeb7efb729ecebdbedda9b0f9cbc367425
-
SHA512
b3692a52e709a6e9902baf6dd0142467ac88bdd54f09236deaf1bee6b5a65032b9b999b390dbe6b7f03b0bd34c28c059fbff1b10091015f2c874ac01d6086a12
-
SSDEEP
49152:E9BfDauF3rt3g7GNBamkmmCwLtLV3viyKXtLGNWImgPIsxmHCpswILEtLL:EfTxzG7CwdV3vidSWHFCmLwL
Static task
static1
Behavioral task
behavioral1
Sample
974ef2d6473ca49f564a80a08562bffeb7efb729ecebdbedda9b0f9cbc367425.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
974ef2d6473ca49f564a80a08562bffeb7efb729ecebdbedda9b0f9cbc367425.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
974ef2d6473ca49f564a80a08562bffeb7efb729ecebdbedda9b0f9cbc367425
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-