General
-
Target
eb8d529d8bfef2490cac29b9164747a20b7b35f5d9c95d804f35063b89ced160
-
Size
1.0MB
-
Sample
231208-kb5gxsbd6w
-
MD5
1d17fe888acd6925aea0873f960c1ef9
-
SHA1
ee25912e968672ea0fc86afae694934d85b95b7c
-
SHA256
eb8d529d8bfef2490cac29b9164747a20b7b35f5d9c95d804f35063b89ced160
-
SHA512
eef7e546886aa9280ba9be406a767d09ec6886f58fc90f4802ec4f4749b99f171f280f5a8c4493dde746a1d84c61f772cf2fddc62a1ca2b5f63919386880be42
-
SSDEEP
24576:KOZfhw007QHFaPQlcr4mrO9oSxPi2qvOwBrDqi:19eelrc4mrjSxq2WfH
Static task
static1
Behavioral task
behavioral1
Sample
eb8d529d8bfef2490cac29b9164747a20b7b35f5d9c95d804f35063b89ced160.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
eb8d529d8bfef2490cac29b9164747a20b7b35f5d9c95d804f35063b89ced160.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
-
Target
eb8d529d8bfef2490cac29b9164747a20b7b35f5d9c95d804f35063b89ced160
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-