General
-
Target
d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
-
Size
364KB
-
Sample
221126-2lzg4aea9x
-
MD5
717456f53a12add2755742c7ad756ea5
-
SHA1
a68cab3b6aa3f00d44a8cbbc32aeaec7c88080f6
-
SHA256
d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
-
SHA512
ac6272dbe1f831e0266397b0e77a577e1a427b019884401a092d1e28aad3eb92259eea74ca56253a142d88f822d2fc1e83cc7b4815ce864d3dfae771623573a9
-
SSDEEP
6144:vDMHW+RHqLcDmuHMWQl0DbLstSumaFwRnjxyB8tM:vDMHWcocD/shlftSzRnjxPi
Static task
static1
Behavioral task
behavioral1
Sample
d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
d6b15325a9c8212256c1bfe2d08be61ac05be2b39a00acf4e6d41fcc61609eb0
-
Score
8/10
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks for any installed AV software in registry
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-