General
-
Target
tmp
-
Size
306KB
-
Sample
230327-en9drade8y
-
MD5
3023e739cfa1394e680f4dd2d4ca43ba
-
SHA1
bdea1c13af13763cddf2a134ec1d272f43081749
-
SHA256
1485eec815dd8ddecd0149e13f7486df102667c4da1a524101f6eb08f6548814
-
SHA512
001ecdf994dad7bd92d874f37fa4d7f8027b376160c3dea0f6f6da6a3364adc17e2524fdd29e3cf41b4f52195c5a14ae5ac64f142277456df268eb0b01fa6df3
-
SSDEEP
6144:vYa6U3ctjJiHPKgFEV7B5wvWsTq/ylTwgNo9QowyDmOggt5lDjOE8pH5a:vYaMZJiHPKuEVF5VsTq6lcdQowyCelDR
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
tmp
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-