General
-
Target
5a17eb22c96dfbefb792493dac7618c0
-
Size
6.7MB
-
Sample
240114-dezyaaaghk
-
MD5
5a17eb22c96dfbefb792493dac7618c0
-
SHA1
178b7b1b0894ad100992f75b9529ae00d63a633c
-
SHA256
deb121bac1823d2de090b6816cbaffe8739600299b69789c109ac97a9477d5aa
-
SHA512
0c9d63c1f321df671e35463e9ad62b4ed1e6a6c2cb2cbc58cc652fde48bbde7f06a9325fc21f3c4c90c2aff62b402af75886962698781a885998932da164a297
-
SSDEEP
196608:Dt29v7XLTPmNbF6n1O4zGuY7gdDoqH9s7uHFsDKEz:yXwF6FSuMgFoy9s7uHFGR
Static task
static1
Behavioral task
behavioral1
Sample
5a17eb22c96dfbefb792493dac7618c0.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
5a17eb22c96dfbefb792493dac7618c0
-
Size
6.7MB
-
MD5
5a17eb22c96dfbefb792493dac7618c0
-
SHA1
178b7b1b0894ad100992f75b9529ae00d63a633c
-
SHA256
deb121bac1823d2de090b6816cbaffe8739600299b69789c109ac97a9477d5aa
-
SHA512
0c9d63c1f321df671e35463e9ad62b4ed1e6a6c2cb2cbc58cc652fde48bbde7f06a9325fc21f3c4c90c2aff62b402af75886962698781a885998932da164a297
-
SSDEEP
196608:Dt29v7XLTPmNbF6n1O4zGuY7gdDoqH9s7uHFsDKEz:yXwF6FSuMgFoy9s7uHFGR
-
Babadeda Crypter
-
DarkVNC payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-