General
-
Target
04c6edff9076cefcc036da59a349bf6f
-
Size
242KB
-
Sample
231229-1mf7gabbc7
-
MD5
04c6edff9076cefcc036da59a349bf6f
-
SHA1
a68cf988973fb17bb6e05803563dc4308735a611
-
SHA256
a1ea988c9b8bb71be31da72660d3ec18babe7b8aed1101d03ab62c0c037a6c87
-
SHA512
040376b7ade6f4a94d4c1d1e000a032367df90475bcc95a698370acc7cfff5b86d3c758932ee25ac7642f9b1cf25116d964aff9171f79e54922b625d0a6e7960
-
SSDEEP
6144:bYpSnN1sLYGShjWWrUNKnUiyPZ+QQieWB6CFlH4/F5uQiOB:bYpSN1Eni2iyZ+SPFq9AQiOB
Behavioral task
behavioral1
Sample
04c6edff9076cefcc036da59a349bf6f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
04c6edff9076cefcc036da59a349bf6f.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
04c6edff9076cefcc036da59a349bf6f
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-