General
Target: file.exe
Size: 916KB
Sample: 240131-m9qgrscfbr
MD5: 07ecf716a8c177510d8bbb67c9023589
SHA1: ff8623958dbacdbd2d370e34b91d55823906b0e1
SHA256: 22b5dce4881004cd5491a450ccd459dc4790f28e8dfd9765e040b51003cccab8
SHA512: f757576f63cece311e391b458a5d953d825a66437dcc2cf98e5f2249e89463268c363dd7facfd316827117de6d61cc8a1c5d732f6b6c9c47ab82c986920018d2
SSDEEP: 12288:pjgO9SCF1OevUUGQv0R4jesqzAOzS7EPoHWj9cy1eMX9ECcCVu5brNKtqFJ/hkaC:xgO9ZzvzKLAkDA2xcyB9uJGG/hWuzw
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20231129-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext