General
-
Target
2b873cb1b8eec5536a74c5ddab0472eff68cebf61757cbc317870b7192454ca8
-
Size
5.7MB
-
Sample
221125-ycbg5ade9x
-
MD5
f55559f66229a8cfb591e0bcaa54c109
-
SHA1
17006709ee364b356e564a01fd70107c69691573
-
SHA256
2b873cb1b8eec5536a74c5ddab0472eff68cebf61757cbc317870b7192454ca8
-
SHA512
2ae90705029c37b3cead09d64cfd18bffb5507cd7def80b4a87a4f8759f205b4b9cbb86bfea090a71b98948b638c0ea35026da3925a5a5be082087791c3089de
-
SSDEEP
98304:J2llez/udrnJll4dP5aSGie4udyO4Okjsstz8V8bHxLcIm:J2lUzYIoSGz4ud11/qiupm
Static task
static1
Behavioral task
behavioral1
Sample
2b873cb1b8eec5536a74c5ddab0472eff68cebf61757cbc317870b7192454ca8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2b873cb1b8eec5536a74c5ddab0472eff68cebf61757cbc317870b7192454ca8.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
2b873cb1b8eec5536a74c5ddab0472eff68cebf61757cbc317870b7192454ca8
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-