General
-
Target
ecdffe05411786c5546a7c19ccedf2414ed6f504f8c21f2c9549b00fcd3c0a0f
-
Size
1.2MB
-
Sample
221130-vcchmsgg42
-
MD5
8978c92506c07d5302ce6dc662f9f04a
-
SHA1
f428dc75757b74a4d4c5af2aead9c1632aadf1ab
-
SHA256
ecdffe05411786c5546a7c19ccedf2414ed6f504f8c21f2c9549b00fcd3c0a0f
-
SHA512
57e09ee7662110850d59f9a08093b6f309f03234b9f252ac491b73a1be3521e0a7f0764a597632332efb296944c741060015cd9692bdcc56e1d3abc55b0549c2
-
SSDEEP
24576:AtNzf/+vtSE3hY2mvb8ryQr1+0sPMeLVwhlDKQHp:qfG1S+z88+Qr1+0sPMeLG7f
Static task
static1
Behavioral task
behavioral1
Sample
ecdffe05411786c5546a7c19ccedf2414ed6f504f8c21f2c9549b00fcd3c0a0f.exe
Resource
win7-20221111-en
Malware Config
Targets
Target
ecdffe05411786c5546a7c19ccedf2414ed6f504f8c21f2c9549b00fcd3c0a0f
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-