General
Target: e8c3ec55950a60eefb87804fc8d9f8c940b736acbe58cc6a57e2c1fd9f8f45d8
Size: 312KB
Sample: 221126-jct7xafc3v
MD5: b1635eb217a35ad017b325de9bd716c9
SHA1: 995529fb8a3bb60a6955d5ec99d60f022abe82b0
SHA256: e8c3ec55950a60eefb87804fc8d9f8c940b736acbe58cc6a57e2c1fd9f8f45d8
SHA512: fd806f143181aeb3084315086b8a3ff0da7c4a817956ce7d7ff5d2afb0b39e6d24fb112b0b6a0de1d85ebb050344c9e0ff7685d90f01a8f425f75e68f0bbf35f
SSDEEP: 6144:fnqFEryl06nGjUuHFYA1HZ7pVvzhu9douIzZPgFTxslFLw:fnlyl90vh57Xhu9WuCZPMVEF
Static task: static1
Behavioral task: behavioral1
Sample: e8c3ec55950a60eefb87804fc8d9f8c940b736acbe58cc6a57e2c1fd9f8f45d8.exe
Resource: win7-20221111-en
Malware Config
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-