General
-
Target
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66
-
Size
944KB
-
Sample
230303-qakc9ahe68
-
MD5
c962299aa7f1294524a03cb2c7925f14
-
SHA1
2c3a73a02cf691248c5ecaa1d2111f9b0c197713
-
SHA256
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66
-
SHA512
9dd66ddce441cb20ca296ddc9ba9023c397ef27ca6974fec8f6bd5e0b12167154f91606a1216bc745d7aa8babcf1677c005120b8c56bb4ab8583a3a796f19d7b
-
SSDEEP
24576:K5VTOzE3lI8hzkn1L2eEFk/6cXJ/dEI56q2A/Te:IcE1rzk1ahFYXJl75h1/T
Static task
static1
Behavioral task
behavioral1
Sample
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66.exe
Resource
win10-20230220-en
Behavioral task
behavioral3
Sample
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
systembc
31.222.238.58:4280
192.168.1.28:4280
Targets
-
-
Target
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66
-
Size
944KB
-
MD5
c962299aa7f1294524a03cb2c7925f14
-
SHA1
2c3a73a02cf691248c5ecaa1d2111f9b0c197713
-
SHA256
b05920b00f2252b5060c6a6b0dbe4df78973754a8044598c65fc7ad60b498e66
-
SHA512
9dd66ddce441cb20ca296ddc9ba9023c397ef27ca6974fec8f6bd5e0b12167154f91606a1216bc745d7aa8babcf1677c005120b8c56bb4ab8583a3a796f19d7b
-
SSDEEP
24576:K5VTOzE3lI8hzkn1L2eEFk/6cXJ/dEI56q2A/Te:IcE1rzk1ahFYXJl75h1/T
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-