General
-
Target
documents.bat.exe
-
Size
877KB
-
Sample
240206-ygys8agdcr
-
MD5
173aa6b5c260b3e19f1b979f054b02b0
-
SHA1
9ea4da05677968a322acf4330699e76b31676130
-
SHA256
0dd421edda69a829b7b9d025fd81f947085c0b3a54d9025312823a56c2b5df83
-
SHA512
29415d7778eb7d1275815f1bcee0c3f0613f300df29172ab03d63c119491af6ced57c25c39ed27e010c0e7ce7be87de216bf2757480db9fd392b95c1f8282d51
-
SSDEEP
24576:L/UAc8bshd1ixMpqvhnjqJR33ulonktC+FMIpSmUrSGG:L/U8bI1+MMv5YwloWCZU0m7
Static task
static1
Behavioral task
behavioral1
Sample
documents.bat.exe
Resource
win7-20231215-en
Malware Config
Extracted
darkcloud
- email_from
- email_to
Targets
-
-
Target
documents.bat.exe
-
Size
877KB
-
MD5
173aa6b5c260b3e19f1b979f054b02b0
-
SHA1
9ea4da05677968a322acf4330699e76b31676130
-
SHA256
0dd421edda69a829b7b9d025fd81f947085c0b3a54d9025312823a56c2b5df83
-
SHA512
29415d7778eb7d1275815f1bcee0c3f0613f300df29172ab03d63c119491af6ced57c25c39ed27e010c0e7ce7be87de216bf2757480db9fd392b95c1f8282d51
-
SSDEEP
24576:L/UAc8bshd1ixMpqvhnjqJR33ulonktC+FMIpSmUrSGG:L/U8bI1+MMv5YwloWCZU0m7
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-