General
Target: Estado_de_Cargamentos_811012912_Impo_2020-10-05_28.exe
Size: 417KB
Sample: 230111-v3f9hshe6z
MD5: c341650f3a569533323481112df0723f
SHA1: aa4b26f749015b2fbcba6c5c4d7cd46f409d1e68
SHA256: 10e4f69c6745f8eaeda8a3613b8e2b55464d21fb9cf02f0eb7cbc43249b6eb84
SHA512: 23169c3002a29c89e495072f95948d701f5d040a7d0989e8cde008a83119de10272156bb87e2cb486751122c045b5c92394f1270bb24e1a421c08424a570ec8f
SSDEEP: 12288:f8YUsnFTdCQodGoIwRDu+hDgYMY4429xficN:f8YzCZ1Ikq+hEjGwxj
Behavioral task: behavioral1
Sample: Estado_de_Cargamentos_811012912_Impo_2020-10-05_28.exe
Resource: win10v2004-20220812-es
Malware Config
Targets
Target: Estado_de_Cargamentos_811012912_Impo_2020-10-05_28.exe
Score: 10/10
StormKitty payload
Downloads MZ/PE file
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Legitimate hosting services abused for malware hosting/C2