General
-
Target
48e2ad344b4240d772ba22b4b72cd126f230a9fd680c39f1ced7687f5b991a44
-
Size
564KB
-
Sample
221128-sh7jvscd58
-
MD5
4642bc53e5eee2c239418f0d44671a05
-
SHA1
2d78cc3aeaf6629270b68c56f92de5d1e03c638f
-
SHA256
48e2ad344b4240d772ba22b4b72cd126f230a9fd680c39f1ced7687f5b991a44
-
SHA512
6ab45779d6dd6ac9ba47e8e4b26d240741c35d2d491137aa450bdf6be065415bb5c89ae16e2deae406a3b8725391e7a0f7f3f9e360c386cc8edd52c1fed6a29c
-
SSDEEP
12288:XOTK3OSz3YDo5rLLlLCR3fcCvK4whQ0hPpaK:YhSr/5nYRvMQ06K
Static task
static1
Behavioral task
behavioral1
Sample
48e2ad344b4240d772ba22b4b72cd126f230a9fd680c39f1ced7687f5b991a44.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
48e2ad344b4240d772ba22b4b72cd126f230a9fd680c39f1ced7687f5b991a44
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-