General
-
Target
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901
-
Size
12KB
-
Sample
230129-x8ph7aba27
-
MD5
2b02f3cc9e5ff3fed55914378bd3e61d
-
SHA1
5d8798ed6581e09b973d30086dbdf99fac3347bd
-
SHA256
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901
-
SHA512
ddd9691b96a711637f4b429a1ead879a864b7c6c816de4d532a6c0c47fa7ac675bc6cf9f2b9e51c5c534dbb90cd44c4b6bf1faba9ecc75d6efd56e81403d2268
-
SSDEEP
192:7A+yNB0HHwSgaIVr53eDmiiqGsf0LEG85YcvV1:7AxNGHH8953eDmindf0LEGkYcvV1
Static task
static1
Behavioral task
behavioral1
Sample
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901
-
Size
12KB
-
MD5
2b02f3cc9e5ff3fed55914378bd3e61d
-
SHA1
5d8798ed6581e09b973d30086dbdf99fac3347bd
-
SHA256
830e263bd2cb32339586ba47a3f7a7c98dfca64557f701f2bcea1f768fd3e901
-
SHA512
ddd9691b96a711637f4b429a1ead879a864b7c6c816de4d532a6c0c47fa7ac675bc6cf9f2b9e51c5c534dbb90cd44c4b6bf1faba9ecc75d6efd56e81403d2268
-
SSDEEP
192:7A+yNB0HHwSgaIVr53eDmiiqGsf0LEG85YcvV1:7AxNGHH8953eDmindf0LEGkYcvV1
Score8/10-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Adds Run key to start application
-