General
-
Target
HSBC-00923.exe
-
Size
1.1MB
-
Sample
230726-l1nfdaag54
-
MD5
30bf5cc67dfdab0d061e4a94e382c1d6
-
SHA1
60ba01b86a1df951d9ae1dac19493337b185176b
-
SHA256
c96d918fa251f8c7aa3a3ce7dcecc7ee9f2841254a32815812cefc6fe83e101f
-
SHA512
e3e3110a6af185def4228e99d2e7ba38a20faea686025da5ae3746afbb6f3c94ee73a0bf319ce09856c4e091f0ba8b79fc07e6a22a6a0faf53d0ad3925793c9e
-
SSDEEP
24576:GrarisNNgjIzBApx/Wg1M88dF0h8tlBnE:Grarislax/Wg1MjF0qtl1E
Static task
static1
Behavioral task
behavioral1
Sample
HSBC-00923.exe
Resource
win7-20230712-en
Malware Config
Targets
-
-
Target
HSBC-00923.exe
-
Size
1.1MB
-
MD5
30bf5cc67dfdab0d061e4a94e382c1d6
-
SHA1
60ba01b86a1df951d9ae1dac19493337b185176b
-
SHA256
c96d918fa251f8c7aa3a3ce7dcecc7ee9f2841254a32815812cefc6fe83e101f
-
SHA512
e3e3110a6af185def4228e99d2e7ba38a20faea686025da5ae3746afbb6f3c94ee73a0bf319ce09856c4e091f0ba8b79fc07e6a22a6a0faf53d0ad3925793c9e
-
SSDEEP
24576:GrarisNNgjIzBApx/Wg1M88dF0h8tlBnE:Grarislax/Wg1MjF0qtl1E
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-