General
-
Target
bd5acaf99683a50ae23b4b2ff8d7ca8a6c9b336f1025e3ce06825f3fa635f69a
-
Size
1.1MB
-
Sample
221203-gxlp6abb97
-
MD5
c45df2ad5a30bf14b9a2ea08bbace08f
-
SHA1
cce030b3ce2aadf6b95d9152accc54ee7fc53f74
-
SHA256
bd5acaf99683a50ae23b4b2ff8d7ca8a6c9b336f1025e3ce06825f3fa635f69a
-
SHA512
bc2f9842ecaaed03278a745714084b905e928d295314ea42ddb9470c8e90176cf94ed4bbe9c92228524e63c71238721f6ed4dee62c155ffea6b56a3aef6d853b
-
SSDEEP
24576:rnqZZhmaItsCvugR2SQqOr5edCdcl5edCdc:rCTPItsCGgxQqcSxS
Static task
static1
Behavioral task
behavioral1
Sample
bd5acaf99683a50ae23b4b2ff8d7ca8a6c9b336f1025e3ce06825f3fa635f69a.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Modifies firewall policy service
-
Modifies security service
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-