General
-
Target
4qo856.bat
-
Size
2.1MB
-
Sample
230202-h9ecaahd2t
-
MD5
e8939f95a675b9fb924eebe38827c456
-
SHA1
fc8b276222231d8184c21c69b655903b84a59430
-
SHA256
75ce85c7868efffdd665bf1234b0e2cfc31a5bd24a493cfb6e237e7de32cb73e
-
SHA512
f149ca122eddf7e8f611427ebd146608096884ee3b9e4b97c77d2771f6119afb13f357a3d5192e099a6168606c3d3c151eefe36779f8c82640b8a2b2a75c5e08
-
SSDEEP
24576:NnNaBvX2dfBil92AzBE4y1/feTDVzt6iZ+9/5KbCSfpItxCxe0U1k2jPaez/+L6a:KGwl2vuuiY50Tk91HLiA5dLkll1n
Static task
static1
Behavioral task
behavioral1
Sample
4qo856.bat
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
4qo856.bat
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
4qo856.bat
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-