General
Target: PI SGC-K230426023.exe
Size: 827KB
Sample: 230509-cbtresdg96
MD5: 6a40ac03685ec1d75e47a390bfe40cf9
SHA1: 10b9fc4cbd0ca22be3c5ea865aa0eaa279fb01c4
SHA256: cea471b18f25770dc19304e536ca3926c0fbf161c6f64aa018cd077a8a150a1b
SHA512: 8f2e7d8a153714923454e8f2e7c91e79398bdffd0fa75853740daa10bdc99e9ad786564f5d45f63e8b286589d0fc5964ddad8fbf4c6a9ac6cb91f400544e4e48
SSDEEP: 12288:ESwETO+ruVMHSNGXi2Jg2q2yGlMOnABf8pwtp90Qfh91BueklL/sjDyZw6oVxj8d:ESxTONVzITgh8QRtj00hMekJzZw6Yj
Static task: static1
Behavioral task: behavioral1
Sample: PI SGC-K230426023.exe
Resource: win7-20230220-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
Target: PI SGC-K230426023.exe
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext