General
-
Target
ba829f9712d4e0f110c5328064c6015a
-
Size
16KB
-
Sample
240308-e2rqvsgb2v
-
MD5
ba829f9712d4e0f110c5328064c6015a
-
SHA1
d341415107426fa16b6a677bb858aedac9c34af7
-
SHA256
65f35a51584aeca0f370fcdae6b8e0b0f5bde9567f107122a1768c534f7d4eac
-
SHA512
c568154eafb98a0603ae9e076b592c3c92f454c9c0a4c7e54785e3d2203edf79ec8f85a9cac653e77458d685ea7419db13d53997452666e35d372e5bb5775ca2
-
SSDEEP
384:Z6f8n07CxhZPx3O+b8LXjcuqeK/ATp+0BCi+/fK0:ZtImhBNO+bQQ/6pjBCiMfK0
Behavioral task
behavioral1
Sample
ba829f9712d4e0f110c5328064c6015a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ba829f9712d4e0f110c5328064c6015a.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ba829f9712d4e0f110c5328064c6015a
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Adds Run key to start application
-