General
Target: scan001.exe
Size: 338KB
Sample: 221208-y8evesbd52
MD5: e6c47976b4d53fd52464cfc18c8a57af
SHA1: 31bf2e8c7b123cd7c04899fb64bbe3832823e217
SHA256: b3bcb18dda143e601f302a1cd248189f553d03ffbd707a05a3df3048f0c5b407
SHA512: 28d927de8a6a44ea0eea2789b4f2d6b73a21a38072fdf28242a79fcdea06244229c088c922e87fd8556c0dc774af97483ac66a73b3ef3a8d22b6858a37740753
SSDEEP: 6144:9kwUZdjCHZAGW3UgK9Xa64EIcdM5Rqyz7t/SLkopNYXhH7jsL2Sk8csUv3YWlZ:QdjM6UgiXpycW3qaRkkyNq7jU2SVUv3B
Static task: static1
Behavioral task: behavioral1
Sample: scan001.exe
Resource: win7-20220812-en
Malware Config
Extracted
formbook
9qtp
lee-perez.com
Targets
Target: scan001.exe
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-