General
Target: d7880403c1c456e3c7e4b047f64bcf35-sample.zip
Size: 328KB
Sample: 240229-zazbvacb56
MD5: 0a98b52418413675320d1552f7b23cc6
SHA1: f7d926296154382bb9e03af2a7c30479a4be36d1
SHA256: 0ce0682abb75b00b32858e270246e168799e2618f671edd3da16680586fb306f
SHA512: 6d9cfb15a0e776ef6c7c991d3db7bd910effbc0761713410fba76613e84f6c7a17388847205071f19d6e79cd4d497f48debcc9065011b40d7f5fd1756c253cea
SSDEEP: 6144:ldIdUZB1dVMXukeGXvHwmhYLg566T+tTf65UKXaJKQBpQwxuJu6CLIsGhXK:wdUfp0hRXxLTuG5fKJZfKkLIsGA
Static task: static1
Behavioral task: behavioral1 (Sample: REQ-22-TM-0421.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: REQ-22-TM-0421.exe, Resource: win10v2004-20240226-en)
Behavioral task: behavioral3 (Sample: avzthbaywy.exe, Resource: win7-20240221-en)
Behavioral task: behavioral4 (Sample: avzthbaywy.exe, Resource: win10v2004-20240226-en)
Malware Config
Extracted
formbook
m5oe
HdR8hG6r12hBYuHY4zv6YeeFPQ==
tD1V9gswYvgQXEGd
1xKtJ1LdqRYMRMC84U1A
MbhjiWb7Lz8z7KIWl3UyUIJwA6Tb
joVB5Xggy2RtE+odsZg=
TrduAIay6Y3SvoIK20xI
pSna7LOsXXwXT/zz3Iow4g==
QnthmO4Qst5gC3sDoA==
eAirzOOgO7SOCenz3Iow4g==
xg0uSbfLTg==
YWQXwyGRzPEHzGrDFE8CBSE=
ujLnfuXoH9dbgHIK20xI
291v0XsGFrYQXEGd
MRvTd/qMuaHpjCM=
X131fLC6VWX4MsvCb2IPjIfq8wlksWfg
Y9Bur8DbgqFt/Yni86MMCCE=
q6RTBmJkmy5pWTmmCCrvmuCDPw==
mQS26DojT+EQXEGd
sjHQ+Kav2Wx9FeodsZg=
JA24UKnTA5re1LhcQaVo/w==
+nMYDuKNduLsjSE=
0Y9DVy/Tc9l+yjQ=
y7lwdkvTChreCREDpQ==
Ii3WdB9OaKHpjCM=
CMWQ4A8JKbwoNFp9nu7t6g==
gbV4IoyzQljj18uoLgjx6g==
6K5hYUwJtU5ySf92shofvBfYrldksWfg
HShGoi6WeQZh
+XRHCtltpLisZhq8oQP3tsIn
H92Mnqi1WFbtCREDpQ==
ScNmhoycwTWCnCciRLFr/A92fk4lLrXv
/mcDDzqp2eN+iqKcQzk8IFpI47Z1oDSkYg==
4Zw22mgivXjUVwsKrQ==
H6BuCCqWeQZh
AXgnNxLA5SJB/+odsZg=
ewIhwqy9EmQJYg==
r2QP0TaWeQZh
wH0tLEHAY/MrFNYtfK1ScJWi7cI=
CC3fiO5tJLm2VNIwxwNPYSP0u4nR
Fx7Zhw2aS6HpjCM=
IJxWlqZEdZpwDuodsZg=
yUjv9d2BuOS0KOodsZg=
3p9Rc2X7ORpG8LMaPbR8DkBwu0YHcGeudQ==
1HEaIfD3b79KiDEL3Iow4g==
wWMAE/eTvqHpjCM=
vLlwIqnDnTWyCREDpQ==
5Zw354BpX25V+MYFrJI=
bqtnHoun2nf7CREDpQ==
rWETGOZxl6iRGP8fuokZ/GMv
sn1e9rsTPWA=
nN+z3PKiu6HpjCM=
qifMPKbZgoXSZjD1FJA=
wJAvzTSWeQZh
XYVBzCOsTvAQXEGd
tCi/4MTHdZ9v9pT5FGwZ/GMv
uWdW5jhhSjC67o2V
IejMbKK5EmQJYg==
2ptC9k/Nex0+/uodsZg=
69+iVeaYNOokmEsorQ==
f4MkxCEdWBSt5WJD5cLF7EoRn8M=
d7dR4opPbeIZwWovuA==
4alR50ZbhAxOJfHUaVhA
g403rfwQH7w9ZvHron4xbLDfMg==
m9aSQLs51jmh18uoLgjx6g==
singglostudio.com
Targets

Target: REQ-22-TM-0421.exe
Size: 339KB
MD5: 03c5bcabede556bfc4239b8b5cd82c96
SHA1: f4adc8324ab83478fd1e8d276bde2fec5a37cdef
SHA256: 345c796d9c9e422f8d60c79b8979b9de8df2748c6c3e5b78ff3f44a99024b31b
SHA512: 5ea449eb53ff8cf669fcd6cffea586cc1a1d88b67fa70c0ff2f72a2e9e8c575edcb0073fa0608cd729e6c7d353480044b6d1cfd10f57089dfac45a7e1d467213
SSDEEP: 6144:9kwNabEIE9NpesIQroOyxdbt4v3AWP147fIYSp4CNuVszpRj6ZlXzQ4xypW:HIEPpC8SfbY/4kDVDpRjExyY
- Checks computer location settings (looks up the country code configured in the registry, likely a geofence)
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext

Target: avzthbaywy.exe
Size: 289KB
MD5: 13c80abd753e9c38782524743504a0dd
SHA1: 709129996e9d1474f57ed77eb38794d82f9805c4
SHA256: d718c0c41640eefcd910fd40f970e3e47a025352602bd8c0e53ab7baeaba1aa0
SHA512: 828830e4ac3c8757ae9d8602415570768903620912d8dcaac87207b9cf054e6ae5a14b2372451160776901a067079a853ef5606114848afee2b440f6279b662f
SSDEEP: 6144:54kPEeNtgeA+2OSlbnb1CsLR6Hp7Xu/0DHblcqD/L:54kPEeNtR2OSlbhV6Fu/0dc+L
Score: 3/10
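The usable indicators on this page are the file hashes of the archive and the two executables, the domain singglostudio.com and the extracted Formbook config (the four-character string m5oe and the base64-encoded entries). The script below is an added example, not code from the sandbox or from this report: it copies those hashes into a table, validates that each is well-formed hex of the right length (a transcription check worth doing before any of this lands in a blocklist), hashes files under a directory in a single streaming pass and reports matches, and base64-decodes an excerpt of the config entries. Decoding only recovers raw bytes and their sizes; what those bytes mean is not something this report establishes, so the script does not try to interpret them. The directory to sweep and the sample bytes in the usage section are constructed for illustration.

```python
"""IOC sweep built from the Triage report above (added example, not sandbox code)."""
import base64
import binascii
import hashlib
import os
import sys

# File hashes copied from the report (md5/sha1/sha256; sha512 omitted for brevity).
REPORT_HASHES = {
    "d7880403c1c456e3c7e4b047f64bcf35-sample.zip": {
        "md5": "0a98b52418413675320d1552f7b23cc6",
        "sha1": "f7d926296154382bb9e03af2a7c30479a4be36d1",
        "sha256": "0ce0682abb75b00b32858e270246e168799e2618f671edd3da16680586fb306f",
    },
    "REQ-22-TM-0421.exe": {
        "md5": "03c5bcabede556bfc4239b8b5cd82c96",
        "sha1": "f4adc8324ab83478fd1e8d276bde2fec5a37cdef",
        "sha256": "345c796d9c9e422f8d60c79b8979b9de8df2748c6c3e5b78ff3f44a99024b31b",
    },
    "avzthbaywy.exe": {
        "md5": "13c80abd753e9c38782524743504a0dd",
        "sha1": "709129996e9d1474f57ed77eb38794d82f9805c4",
        "sha256": "d718c0c41640eefcd910fd40f970e3e47a025352602bd8c0e53ab7baeaba1aa0",
    },
}
REPORT_DOMAIN = "singglostudio.com"      # domain from the extracted config
CONFIG_TAG = "m5oe"                      # four-character string from the extracted config

# Excerpt of the base64 entries from the extracted Formbook config (copied from the report).
FORMBOOK_CONFIG_EXCERPT = [
    "HdR8hG6r12hBYuHY4zv6YeeFPQ==",
    "xg0uSbfLTg==",
    "HShGoi6WeQZh",
    "sn1e9rsTPWA=",
    "ScNmhoycwTWCnCciRLFr/A92fk4lLrXv",
    "/mcDDzqp2eN+iqKcQzk8IFpI47Z1oDSkYg==",
]

HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_CHARS = set("0123456789abcdef")


def validate_iocs(table=REPORT_HASHES):
    """Return (target, algo) pairs whose digest is not hex of the expected length."""
    bad = []
    for name, hashes in table.items():
        for algo, value in hashes.items():
            v = value.lower()
            if len(v) != HEX_LENGTHS[algo] or not set(v) <= HEX_CHARS:
                bad.append((name, algo))
    return bad


def hash_bytes(data):
    """md5/sha1/sha256 of an in-memory buffer, lowercase hex."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")}


def hash_file(path, chunk_size=1 << 20):
    """Same digests as hash_bytes, computed in one streaming pass over the file."""
    hashers = {a: hashlib.new(a) for a in ("md5", "sha1", "sha256")}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def match_hashes(digests, table=REPORT_HASHES):
    """Name of the report target whose digests all equal the computed ones, else None."""
    for name, known in table.items():
        if all(digests.get(algo) == value.lower() for algo, value in known.items()):
            return name
    return None


def sweep(root, table=REPORT_HASHES):
    """Walk a directory tree and return (path, target, sha256) for every hash match."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            path = os.path.join(dirpath, fn)
            try:
                digests = hash_file(path)
            except OSError:
                continue  # unreadable or vanished file; keep sweeping
            name = match_hashes(digests, table)
            if name:
                hits.append((path, name, digests["sha256"]))
    return hits


def decode_config_entries(entries):
    """Base64-decode each config entry; yields (entry, decoded_length), None if not valid base64."""
    out = []
    for entry in entries:
        try:
            out.append((entry, len(base64.b64decode(entry, validate=True))))
        except (binascii.Error, ValueError):
            out.append((entry, None))
    return out


if __name__ == "__main__":
    print("malformed IOC digests:", validate_iocs())
    print("config excerpt decoded sizes:", decode_config_entries(FORMBOOK_CONFIG_EXCERPT))
    root = sys.argv[1] if len(sys.argv) > 1 else "."   # constructed usage: sweep cwd by default
    for path, name, sha256 in sweep(root):
        print(f"HIT {path} matches {name} ({sha256})")
```

Run it as `python ioc_sweep.py /path/to/quarantine` (script name assumed). Matching on all three digests rather than SHA256 alone costs nothing, since the file is read once, and it catches a mistyped single hash in the table: `validate_iocs()` returning anything but an empty list means the indicators should be re-checked against the report before use.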