General
-
Target
PRODUCTS LIST INQUIRY.rar
-
Size
585KB
-
Sample
221206-qtqdlscc47
-
MD5
fd23b5b27a5cf0d20f26b985393258df
-
SHA1
21722e3293ffe7c241c0ad13b120cede6060217d
-
SHA256
18abbbcd5150e7160600c75a426fdeb95a69634a2071a60f92a9ed62163b9a87
-
SHA512
eceebfc62f24a43cee980bae4a39ffbce01bb9903b8feaf6b47f9232474c4bcfed64083af8279e40bf6e82ea4544e7b734c98317985624239f3d26ad14b88051
-
SSDEEP
12288:BvnBOBt8OMjpzRfRfea1yqVJJqpy8i8VUW0VVpTJBARvMKqnTzsZMPzDnLMzOco6:BvnBOBt8OM9zpRfeaQOJcUi1mTJ3bf6
Static task
static1
Behavioral task
behavioral1
Sample
PRODUCTS LIST INQUIRY.exe
Resource
win7-20221111-en
Malware Config
Extracted
formbook
0vh9
8499162.xyz
Targets
-
-
Target
PRODUCTS LIST INQUIRY.exe
-
Size
833KB
-
MD5
62dbf29de2b765943525b45e080c168a
-
SHA1
cd40c7a3ae6d2c6e2c7436eb5da2407d84f6cc7b
-
SHA256
52b739a0edc9a1a008131eedb6b9385e6aa99ea46e15ab65fa7e1045ec6908e2
-
SHA512
4059ebb5665670ba140a14aad5996407fe843bb19491b9f10a00e423c5e1332a8a325dd8fa4e438418d5ef1a451d749b19506c18cae4218161b140346d780a54
-
SSDEEP
12288:IckyiUw4N8guVN4P9OCEqrK40DafmmiVR2mqrYy6FjmaZgKZ/nXt7virmWhlGLak:bkyiN4GPVN4P9OFqu40DRRmY
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-