General
-
Target
d3bcf7eff2e952687f69c5948802e351_JC.exe
-
Size
337KB
-
Sample
231014-ec649agf98
-
MD5
d3bcf7eff2e952687f69c5948802e351
-
SHA1
6f42258106c77e13404501dfca313117bb1500c4
-
SHA256
dd26a797e49d67a61d59ea2bbe98d46bd7e059006dcab98c885eaddd2f49bee1
-
SHA512
c5d18fa2b38c31d19a7568138a44cfb4d8eb3a1005c56c3e018f00ee07fe837a776ccecdae1a1faba7b9588731b65fc4c4f88fd0630677446485a428034ee876
-
SSDEEP
6144:s7ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:sl5nilTFQbI0a+GGL
Malware Config
Targets
-
-
Target
d3bcf7eff2e952687f69c5948802e351_JC.exe
-
Size
337KB
-
MD5
d3bcf7eff2e952687f69c5948802e351
-
SHA1
6f42258106c77e13404501dfca313117bb1500c4
-
SHA256
dd26a797e49d67a61d59ea2bbe98d46bd7e059006dcab98c885eaddd2f49bee1
-
SHA512
c5d18fa2b38c31d19a7568138a44cfb4d8eb3a1005c56c3e018f00ee07fe837a776ccecdae1a1faba7b9588731b65fc4c4f88fd0630677446485a428034ee876
-
SSDEEP
6144:s7ASJKenie2xT2NU2OTFQb8Fb0I1UfFmPGL:sl5nilTFQbI0a+GGL
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-