General
Target
e8f17fe148aacdc799ff3e3ae535c48b391b37e14d739e375793da1d50a1454f
Size
291KB
Sample
221203-dtmlhadf2y
MD5
fdd2c8263c374973bc7cb9f0602b04ba
SHA1
8cc09844a1116b7f09d09160ae0743fbf2b39e35
SHA256
e8f17fe148aacdc799ff3e3ae535c48b391b37e14d739e375793da1d50a1454f
SHA512
a8faa425ac72dd205e1fa1aeb6c650e724e57469695b1b87679ea735c6e59096712580516f82b0681337e4eeec2cc0067018d85a6175b2cee943ee91299a2cb5
SSDEEP
6144:A2ckdGiHBX6ZZ7jdObvG4MbT5/x8utNK:HtnHBqZZAbPMP551NK
Static task
static1
Behavioral task
behavioral1
Sample
e8f17fe148aacdc799ff3e3ae535c48b391b37e14d739e375793da1d50a1454f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e8f17fe148aacdc799ff3e3ae535c48b391b37e14d739e375793da1d50a1454f.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
e8f17fe148aacdc799ff3e3ae535c48b391b37e14d739e375793da1d50a1454f
Score
10/10
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext