General
-
Target
ABP Overdue.exe
-
Size
918KB
-
Sample
240123-cy92xsfacp
-
MD5
dc8adcc624f9599d45e5e3b63411e4c7
-
SHA1
65f0b0f038f3969d5080ec79ce559093b217c467
-
SHA256
2c2ca8d1a75eef32da01814983a7a3dbddff14915ae96346af68dc29c65db7ea
-
SHA512
51443b901a0abd5a74d69e22ec66367604a3b4005256efe3c96c843e5873ec158cec4dcc647508ca682975434514cf88977f170b6586bc31ae69b360919ce41e
-
SSDEEP
12288:mlUgySozdUd283S5qgkFCxjI4s+gGL+i7vJ0TG/r7jam+VM/NwNVJdPFZdVBo6U1:8mFudCDkFCx84OG9Brj7emT/NCVJdz
Static task
static1
Behavioral task
behavioral1
Sample
ABP Overdue.exe
Resource
win7-20231215-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
-
-
Target
ABP Overdue.exe
-
Size
918KB
-
MD5
dc8adcc624f9599d45e5e3b63411e4c7
-
SHA1
65f0b0f038f3969d5080ec79ce559093b217c467
-
SHA256
2c2ca8d1a75eef32da01814983a7a3dbddff14915ae96346af68dc29c65db7ea
-
SHA512
51443b901a0abd5a74d69e22ec66367604a3b4005256efe3c96c843e5873ec158cec4dcc647508ca682975434514cf88977f170b6586bc31ae69b360919ce41e
-
SSDEEP
12288:mlUgySozdUd283S5qgkFCxjI4s+gGL+i7vJ0TG/r7jam+VM/NwNVJdPFZdVBo6U1:8mFudCDkFCx84OG9Brj7emT/NCVJdz
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-