General
Target: ri.exe
Size: 629KB
Sample: 231202-gt6k6aac33
MD5: 8802b35e772df6b565003c2ffe35afcf
SHA1: e4911aa5d0d6638466c203dbe14828851edf94e7
SHA256: 250fc0ed07c6d69ff0129c843fb42febefed22011857a1e7161e10ffa1e20ca6
SHA512: 04c3fe459de71fd1163ed9ad9c074b2481c712d31ce04701f6319442c36043e8bf604fc6f5b9fae3d28806cca26924b5dde3c36c2029062d4f99ced95e91799d
SSDEEP: 12288:SpdVfrKp5SBUOvkD/gKVGDHszAVXMG2n+z2x0K73AVdxGbw6H3MLVB6:Spd9K7MlGXwz+AV8G2OpvcwL
Static task: static1
Behavioral task: behavioral1
Sample: ri.exe
Resource: win7-20231020-en
Malware Config
Targets
Target
ri.exe
Class file contains resources related to AdWind

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Modifies file permissions