General
Target: efd753a82d9ab58041b4a4a71721031378ab457fc8023192a6302839bcd2ed2b
Size: 4.2MB
Sample: 221217-ybnq3ahd22
MD5: 132272df191d6379fa81244e29bb21fa
SHA1: 9d01629c1e21107fda5d59c5d68b2c18c980cb37
SHA256: efd753a82d9ab58041b4a4a71721031378ab457fc8023192a6302839bcd2ed2b
SHA512: 23b1c81cdd5dae8cf961458e71165e3a5cf5b5d4a6a9c706355a611ef5f52b7a0014653862e227487fb9900c83444fea297e27cbbf6c70f80832c98a114d84dc
SSDEEP: 98304:5krcHlMSCOl0tbIjtpRQvkrERXREGW+XXXkAFivdVvfSg:ec8YAvkrERBEGWWnkai1N6
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-