General
-
Target
0a347b0403c2fc829ce29b6722e0df406ee0b838f6f197568155869181b403b8
-
Size
536KB
-
Sample
221128-r9z4esbf86
-
MD5
f2d29f6ea82c4bdc61edb5c5ae1cc828
-
SHA1
25701f823f19e5518871d246a43029a9e400be86
-
SHA256
0a347b0403c2fc829ce29b6722e0df406ee0b838f6f197568155869181b403b8
-
SHA512
a68a7fa309f6f8e1a627747eb5b87f24160826ac8fdba958a1d3c26f23c98844e99ca921ab98b5e9d3720857dbffff65a5073aa97e3a0c9bf570839c6ad7bbbc
-
SSDEEP
12288:8TDZarqHpux1pH2xY9KwfVzSHAIJzuctBAiGYh:8T1arqHoY02gIBhtB/GYh
Static task
static1
Behavioral task
behavioral1
Sample
0a347b0403c2fc829ce29b6722e0df406ee0b838f6f197568155869181b403b8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0a347b0403c2fc829ce29b6722e0df406ee0b838f6f197568155869181b403b8.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
0a347b0403c2fc829ce29b6722e0df406ee0b838f6f197568155869181b403b8
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-