General
Target: d9ddef6fa6e84c4f1cd0ff25c8d9cbf3
Size: 6.3MB
Sample: 231222-swc76sbfh5
MD5: d9ddef6fa6e84c4f1cd0ff25c8d9cbf3
SHA1: 51631d5fd25b1f24e5ea72788a1b2731b146d899
SHA256: 52bd0f8e0dc5d3e8aeced8abf31403d6184978d215be68b357c5e6d0b077ee23
SHA512: f822c3ba11bb2aef6213a6f077cba3d8cd1922d44a63dba9d73f378572d00599a8e2c19b413c53a8ab731bdde7b8c67916a14e6bd66995003fdd1b50abc49001
SSDEEP: 196608:Mx3Vr+hoDxcVp6455J77NAtZAA6Bj6An5p3:a3Vr+WDxcVk+rhAtqA1o
Behavioral task: behavioral1
Sample: d9ddef6fa6e84c4f1cd0ff25c8d9cbf3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: d9ddef6fa6e84c4f1cd0ff25c8d9cbf3.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target
d9ddef6fa6e84c4f1cd0ff25c8d9cbf3
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger