General
-
Target
99bbdbd8879083ba521c9198efabe4d9
-
Size
813KB
-
Sample
240213-v4rrmsea2s
-
MD5
99bbdbd8879083ba521c9198efabe4d9
-
SHA1
f676ffeee043f5083f946955fb99cb2eaa85ebaa
-
SHA256
e32f29fd3d764d021e15bc4d9dfa6b5eadbe466cda03b27903863e03b49efdf1
-
SHA512
5b50c9d39482eba324540dd8130bd76f863c27025600743089a7ac25c8ecd48363a02bc04d6dca357c870ad2c6cc199738a827c5a167d7546d3f6a6defe92e0a
-
SSDEEP
12288:BGjZ6FArZSoR65AXwgFvuSSrIRW95Qq/+TYkDYFXEqQhSjRuukMBKQ21c4N8Vo7b:ToR6qgnfRFXEVi4QkPw5
Static task
static1
Behavioral task
behavioral1
Sample
99bbdbd8879083ba521c9198efabe4d9.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
99bbdbd8879083ba521c9198efabe4d9.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
oski
103.199.16.91/www/
Targets
-
-
Target
99bbdbd8879083ba521c9198efabe4d9
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-