General
-
Target
setup.exe
-
Size
1006KB
-
Sample
231026-z27gjahh85
-
MD5
f42a201044931eee29a309600b72d456
-
SHA1
a38c49acdb7c3e0775f2d6dc8b8ea8bd7f32f732
-
SHA256
55e5131f01e0b4db477326c27139ab59c61f33cceb5de503e874197d23d37ad0
-
SHA512
53114bf6f50d276b9cf20c67b7044321e64937af327ab67b87f97f10297996a2a4189b8a9c7215b42a4d01a8bbee211680ed111a9d8f12ced136dd774217b858
-
SSDEEP
12288:T8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6H:gK1D9Y7K1D9Y7K1D9Y7K1D9Yg
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
setup.exe
-
Size
1006KB
-
MD5
f42a201044931eee29a309600b72d456
-
SHA1
a38c49acdb7c3e0775f2d6dc8b8ea8bd7f32f732
-
SHA256
55e5131f01e0b4db477326c27139ab59c61f33cceb5de503e874197d23d37ad0
-
SHA512
53114bf6f50d276b9cf20c67b7044321e64937af327ab67b87f97f10297996a2a4189b8a9c7215b42a4d01a8bbee211680ed111a9d8f12ced136dd774217b858
-
SSDEEP
12288:T8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6H:gK1D9Y7K1D9Y7K1D9Y7K1D9Yg
Score8/10-
Blocklisted process makes network request
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-