General
Target: 1abaa6e941a72e14f6f331a162a15590
Size: 476KB
Sample: 231224-3ty2zagef3
MD5: 1abaa6e941a72e14f6f331a162a15590
SHA1: 0b60cf0adf574056f80b6fa8e5563e9681ff6d6b
SHA256: 25f7620ed46222a606b0c9fd1f7356266e1c5e46ee00ef92e4c34add6a009317
SHA512: f33ebb7f8998ac9b307fe51100dd0d0a0880ac9378b9e0363e4904acf263a4fc0a20bbd5f61c1b5b61ec54f63cf6113af00cda7b069243cd2d058d1a3dbaadd5
SSDEEP: 12288:Ok8HAXwdAnc2i+zinpRUF2oMPze+0gKG3UPPxf:OzgXwd7F+zinj2lM6+0gL
Static task: static1
Behavioral task: behavioral1
Sample: 1abaa6e941a72e14f6f331a162a15590.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 1abaa6e941a72e14f6f331a162a15590.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext