General
-
Target
6c2ac089dca51eb4644c5351b2edd105
-
Size
744KB
-
Sample
240121-dcjhhsdcel
-
MD5
6c2ac089dca51eb4644c5351b2edd105
-
SHA1
bb2c6f32bb695ac4ba6cdc7763249d0aaf213c0c
-
SHA256
f558a0e74bb7f327817b24d824f4d9b75ac0e6d5a909c21bc96119cac5df1af8
-
SHA512
6691b19f0a4e84faaaa0c7ff7163a66865e543782487ead8899b521a4a88d095008533dbc2886515f2320a47f647c60967f2674735abcfff333a145419d82996
-
SSDEEP
12288:1yo9KMChh7tNWGlKtr1/N9wnqM24djah3CWkaQwNWy+Q:1yosZ13W4usn1djwkaQLy+Q
Static task
static1
Behavioral task
behavioral1
Sample
6c2ac089dca51eb4644c5351b2edd105.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6c2ac089dca51eb4644c5351b2edd105.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
6c2ac089dca51eb4644c5351b2edd105
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-