General
-
Target
bb88ff1c8a9fedda601ee817f7baf597f39f725322320fe6c39805e1a51ac6af
-
Size
331KB
-
Sample
221129-nqp8bsef24
-
MD5
eb2cc33b05f167b62155d3afdd33bca2
-
SHA1
884068cd29cc9ff4d8a1a1d898f5a868d547c334
-
SHA256
bb88ff1c8a9fedda601ee817f7baf597f39f725322320fe6c39805e1a51ac6af
-
SHA512
9cc8623fcf7fc335e38b04f5aa84575f2467c0a5f0f731d1f17cca78fb6bca7d520affc3c0fe84e24610f80d13c1ed4a92201c5a305da89d60aebb088282d096
-
SSDEEP
6144:SM41YTICjnbHv1eNJa0rr7DxodlqFYZwfjJVYv0yGKb52Wf:SKjLv03aYDxodluYZw7JV+2Wf
Static task
static1
Behavioral task
behavioral1
Sample
bb88ff1c8a9fedda601ee817f7baf597f39f725322320fe6c39805e1a51ac6af.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-