General
-
Target
eefb7e6f07e9cc6b7a631250a9832a73d3341a5cd89a8c1a979ef9621c682de4
-
Size
4.9MB
-
Sample
221207-kbhyxsab96
-
MD5
0f1c2db4971cb37da97ed6dff6f071b8
-
SHA1
1a11434db84ab8189cca0e73c439ed862de17df0
-
SHA256
eefb7e6f07e9cc6b7a631250a9832a73d3341a5cd89a8c1a979ef9621c682de4
-
SHA512
7797adf05623c865710681f0b4572dbd39e30c996dbfe959b732c07fe646fc829c7004f94ff8884c1687b98863b84bb3c04573a87d95d9a627777c8f6a21d8fd
-
SSDEEP
49152:TWpFbzP8NKERLbzZAbS+r8StQmMqRSYtPZOpiz+13zcQWQY0JxX3Sr:
Static task
static1
Behavioral task
behavioral1
Sample
eefb7e6f07e9cc6b7a631250a9832a73d3341a5cd89a8c1a979ef9621c682de4.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
eefb7e6f07e9cc6b7a631250a9832a73d3341a5cd89a8c1a979ef9621c682de4
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-