General
-
Target
768f003f97b5735f658a712f88c21d9747f6c6465d8157c153f14fbaa2e9c9aa_JC.exe
-
Size
12KB
-
Sample
231011-ne4xcabc4v
-
MD5
398624261835a9df069e100979c7b72c
-
SHA1
070921b48ced543e571127c2243088675a7c7349
-
SHA256
768f003f97b5735f658a712f88c21d9747f6c6465d8157c153f14fbaa2e9c9aa
-
SHA512
5e9f62a8466acdf450e03c3cb7641e24ea5027d397d86c81d182bce94bc4e57368e92618ecc24108cb224cabf24b4afc95f01f766c8feb9319c0b9c2f19a6761
-
SSDEEP
192:uU5z9iLjq2pJk+/qcJklyJOEdtLsWGQwrgAh:3z9AbJH/IwJOsW/QwrgC
Static task
static1
Behavioral task
behavioral1
Sample
768f003f97b5735f658a712f88c21d9747f6c6465d8157c153f14fbaa2e9c9aa_JC.xll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
768f003f97b5735f658a712f88c21d9747f6c6465d8157c153f14fbaa2e9c9aa_JC.xll
Resource
win10v2004-20230915-en
Malware Config
Extracted
Targets
-
-
Target
768f003f97b5735f658a712f88c21d9747f6c6465d8157c153f14fbaa2e9c9aa_JC.exe
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-