General
- Target: documents.exe
- Size: 911KB
- Sample: 240122-bwx4xadecm
- MD5: 9530a4b5c2772de4edb6005f057c0405
- SHA1: f544295bc15e8c1f69e9c2939acc88decfe404c8
- SHA256: 6e94f38fee814023e77c4f2f3f718fd0bdf456974fb7742c03ee17dd2054050c
- SHA512: 62d66a9cdaa81a4e651711dfa27de2dd0269a3200da8f62dd91a479bc925198caa9b4090cdf2e509832b9d226f1d33b28f5f66f6a30c7f0ad39f8f0e3f5f56ed
- SSDEEP: 12288:8SGnBbC8IABQRIVa8Tt5g0IhUSIw28Ph0S0NrlhjT2E6JbkpjPJaGbrKHaYl18/d:NEC+BVTUZX2HjTz6pmddYl10
Static task
- static1
Behavioral task
- behavioral1
- Sample: documents.exe
- Resource: win7-20231215-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
Target
documents.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-