General

Target: file.exe
Size: 2.0MB
Sample: 230219-fcqmyaeb7x
MD5: a83d528c3debe4486cc91b5922040711
SHA1: 765d88a6a2ac079c0a7a7ac23dc630b82095339b
SHA256: 446deb48d5641c4977a2cdf9eb3722cbd4170a2eebd2d8c6fca1430767af04ad
SHA512: a8c3e4b182882e79a6b74f6d9cd6514d268b1703ff76c8e07dfb4944a7ed83051a8816b40b9a2c9927cdd73a09a932a0c2d9ea83a8007bd400d289c35b4e433f
SSDEEP: 24576:Nwksz4Fw2f16CwIUEirFZTUvIweQ3qRbYl6DLJMv4oVI1ZwF33z5hG4vkXZurFJ:4bCwIUE2jvdQ3mb1ZGvVkZ+3lfgy

Static task: static1

Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20220901-en

Malware Config
Targets

Target: file.exe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.