General
Target: 11EAEB2EE4191C259F66302AD1C03B1E.exe
Size: 1.8MB
Sample: 221130-sxk96scc78
MD5: 11eaeb2ee4191c259f66302ad1c03b1e
SHA1: 1035878efe2fce53d7414e72430756a11e1c4c04
SHA256: 1d305787202474fcc79a210caf6cd88c7722fed5249797483817da4a04967f7b
SHA512: 817a6724d17c7f4049163d9e774ae501c7b7122e10c782ecb4d31c0bef69134106e8d340466eddbc379b8868507ce9dc9c16d625aa30ff0396db4ef377bce969
SSDEEP: 49152:qKVXGViAGZjn2vLDo/BeacqBfzqEP/JoX9RUW:qKpAGZjuLDo/BebqBfPBoNRUW
Static task: static1
Behavioral task: behavioral1
Sample: 11EAEB2EE4191C259F66302AD1C03B1E.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 11EAEB2EE4191C259F66302AD1C03B1E.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Score: 8/10
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext