General
-
Target
SecuriteInfo.com.Win32.MalwareX-gen.17835.14090.exe
-
Size
851KB
-
Sample
230726-ljrrgabc2x
-
MD5
8d941856eda9ed2762940348ac7cde1e
-
SHA1
7a333af072204d26768e8facadad276a1e6bf40f
-
SHA256
cc73f108b12aeba27a3b77b3c8a8e0df2889659ec79c71fae944fa04d2870b0d
-
SHA512
9078d2781d18f8f10b9d5ac9198e8274ff4aa9b3e4f29661f664bef9be7404bd398a87dfcd038fb017de124af15d40236c0705d66f99344c5935dfd0597575d4
-
SSDEEP
12288:lJmefaynhcB5DZ4EslUTKFoGy3Qd3xEpwjHGZpxBxORkWMnK+/ATZn/6:KeCQcB5l12KGy3wOpwjHU7BxOCn3Y
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.MalwareX-gen.17835.14090.exe
Resource
win7-20230712-en
Malware Config
Extracted
darkcloud
https://api.telegram.org/bot6474909072:AAE35t_kjfFFVCPF7xcGUBipQxF6QCUotU/sendMessage?chat_id=1184359262
Targets
-
-
Target
SecuriteInfo.com.Win32.MalwareX-gen.17835.14090.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-