General
Target: PI SGC-K230426023.zip
Size: 708KB
Sample: 230509-ha681sge2v
MD5: 406034d9160fa724d58ad96bf56c03e3
SHA1: 5201c304b0f27fecaad124993f1f97e4e5a857b3
SHA256: 8055225bdea026516c1033def8288368ad7573c9cdaa418b824292871040d956
SHA512: 0f8aad96a1ab6bbe0bb65b01efe5c5a9a2b776ae777e6ee79921e4d484953e4c792bb25d2cbe48b550c4af16235ef03c5a6a52f531db86c3b543e2b8f6cdd90a
SSDEEP: 12288:PSGEa//8rMVM5SNGX22Jg2GPjTOUz9zkPXKV5j0Qfh91l39hu9UOqMbwopQa4Zwn:PSxcnVXIfghOEhIXKV5j00hJ39SDJUxi

Static task: static1
Behavioral task: behavioral1
Sample: PI SGC-K230426023.exe
Resource: win7-20230220-en

Malware Config
Extracted: darkcloud
- email_from
- email_to

Targets
Target: PI SGC-K230426023.exe
Size: 827KB
MD5: 6a40ac03685ec1d75e47a390bfe40cf9
SHA1: 10b9fc4cbd0ca22be3c5ea865aa0eaa279fb01c4
SHA256: cea471b18f25770dc19304e536ca3926c0fbf161c6f64aa018cd077a8a150a1b
SHA512: 8f2e7d8a153714923454e8f2e7c91e79398bdffd0fa75853740daa10bdc99e9ad786564f5d45f63e8b286589d0fc5964ddad8fbf4c6a9ac6cb91f400544e4e48
SSDEEP: 12288:ESwETO+ruVMHSNGXi2Jg2q2yGlMOnABf8pwtp90Qfh91BueklL/sjDyZw6oVxj8d:ESxTONVzITgh8QRtj00hMekJzZw6Yj

Signatures
- Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
- Suspicious use of SetThreadContext