General
-
Target
a45ac8d19671a001f75dad85309ff4e9
-
Size
8KB
-
Sample
240225-vwwevshg4z
-
MD5
a45ac8d19671a001f75dad85309ff4e9
-
SHA1
349f4a9ce3bc88f116e62f05ad8e6a69507cf444
-
SHA256
35f37dc4f0f7732d2ada81aa26c37729ecfc6e772b57ed0bd984c8724274940c
-
SHA512
3cb8a6c3b0ff06c4b2e4329ae435c023fc0aff78c143bf211c1729c480a85aca6f9ca5535d6149bda76638b0ea369816cc54c5c6dcdba6419a82d4fde9a2a335
-
SSDEEP
96:76XilcZ8w1lLBFF4KVgVClcAJU5D5dH7sUS47vPLaY6P0k3NJE0mz1lNa+zNt:8CcuKLPGS6InULdbA47v+Y6PvRO1lkY
Static task
static1
Behavioral task
behavioral1
Sample
a45ac8d19671a001f75dad85309ff4e9.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a45ac8d19671a001f75dad85309ff4e9.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
cobaltstrike
http://test.googleapi.space:80/tIKU
-
user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: test.googleapi.space
Targets
-
-
Target
a45ac8d19671a001f75dad85309ff4e9
-
Size
8KB
-
MD5
a45ac8d19671a001f75dad85309ff4e9
-
SHA1
349f4a9ce3bc88f116e62f05ad8e6a69507cf444
-
SHA256
35f37dc4f0f7732d2ada81aa26c37729ecfc6e772b57ed0bd984c8724274940c
-
SHA512
3cb8a6c3b0ff06c4b2e4329ae435c023fc0aff78c143bf211c1729c480a85aca6f9ca5535d6149bda76638b0ea369816cc54c5c6dcdba6419a82d4fde9a2a335
-
SSDEEP
96:76XilcZ8w1lLBFF4KVgVClcAJU5D5dH7sUS47vPLaY6P0k3NJE0mz1lNa+zNt:8CcuKLPGS6InULdbA47v+Y6PvRO1lkY
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-