General
-
Target
2dbf68789ff9a2847fffb4afb9eec6e57b4271f266d70a547061a4cfa8044615
-
Size
506KB
-
Sample
221127-qmpthaah26
-
MD5
2094bcda6fa0597fa1f165628400a469
-
SHA1
da47bfd7f50e0b9e0727d09dcff4827f07e0d281
-
SHA256
2dbf68789ff9a2847fffb4afb9eec6e57b4271f266d70a547061a4cfa8044615
-
SHA512
7a7a2b9ba6947752aa85074a6eff44b3499409663b12c97ebbb24e36edd087165e6a0a2e63b83cc470a57c62940ba2887f4aee17c065c2e4fa00ab8066bd8164
-
SSDEEP
6144:vPMNhL2mdS8b8lZvN8hLrt6qnNEWSWbKFqkaGuj6LV:vPKhKme2KQ/SWW0vGuj6LV
Static task
static1
Behavioral task
behavioral1
Sample
2dbf68789ff9a2847fffb4afb9eec6e57b4271f266d70a547061a4cfa8044615.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
2dbf68789ff9a2847fffb4afb9eec6e57b4271f266d70a547061a4cfa8044615
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-