General
-
Target
a44e866d712e883d41e17abf68c79f2b
-
Size
754KB
-
Sample
240225-vgbf5sgd93
-
MD5
a44e866d712e883d41e17abf68c79f2b
-
SHA1
c1dbfaf2fbe83dfd1efc025a6bd631b1d0d1a59f
-
SHA256
dd10760bfe828b03b8288f2d9d3255a9f186c382cf36edc785c0d5f333071f23
-
SHA512
22eea8ef8f9057f5901017c4649b51a279be2e0817a49e2caebdd5ea180e4d8536b3f176cc88895433c4b9463260aad0270db02fd4813e572a46ef78485841cf
-
SSDEEP
12288:qFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJR:+3nbWmJVJFwSddIXvfhqbiaxvRxq9
Behavioral task
behavioral1
Sample
a44e866d712e883d41e17abf68c79f2b.exe
Resource
win7-20240221-en
Malware Config
Targets
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-