General
-
Target
Passwrod_2024_With_Setup.rar
-
Size
11.6MB
-
Sample
231230-wbv42abaem
-
MD5
9a6f96485e55ad7ee783700274b1ba5d
-
SHA1
2137a6e18fce206b8e93e61b041804b95272d312
-
SHA256
e0bbe82872c8343174e37f8340326586a321974b0bcf6d9a1087d5a8b7371552
-
SHA512
15fcc0a70f8b1227fcadc3673814ff3e72ef780154ae0083efe476cd8eb49736c79cd2eb219c06802eac6cf94a7d85fcaacc672a1cb160ea78f274cc869eb699
-
SSDEEP
196608:1tFomhPXHFWx5jvpOoaxRDHA8xr70D2jBUxZ60TayF+GLSUlGybeLL0qGAmfxkcH:toc/lWD4HxRHBrfjBwTF+W0ybw2AmJgm
Malware Config
Targets
-
-
Target
Passwrod_2024_With_Setup.rar
-
Size
11.6MB
-
MD5
9a6f96485e55ad7ee783700274b1ba5d
-
SHA1
2137a6e18fce206b8e93e61b041804b95272d312
-
SHA256
e0bbe82872c8343174e37f8340326586a321974b0bcf6d9a1087d5a8b7371552
-
SHA512
15fcc0a70f8b1227fcadc3673814ff3e72ef780154ae0083efe476cd8eb49736c79cd2eb219c06802eac6cf94a7d85fcaacc672a1cb160ea78f274cc869eb699
-
SSDEEP
196608:1tFomhPXHFWx5jvpOoaxRDHA8xr70D2jBUxZ60TayF+GLSUlGybeLL0qGAmfxkcH:toc/lWD4HxRHBrfjBwTF+W0ybw2AmJgm
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-