General
Target
4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7.zip
Size
427KB
Sample
240403-mbcs1sca5t
MD5
ac6ede3b2dd26afd67098d45da192b60
SHA1
b11fec4228a20ee88b4c7b09b9eec307a5ded012
SHA256
0d68c224e052637eaf83d5cca57e86e85792dfc68e3fea4619cf78cab0c69614
SHA512
2c646c99701cdd045c3f97cf7082270b4d611a5f3e0a21ccd22446758d0c6c017a9b58e69c19db15a221fa949c8c6411643b9e49266b03543ca17a5b3f287b43
SSDEEP
12288:rE7nj8wBX3rgicONzZBX14WWjLW5jPPoSR:rEH8AXbgODUyFPgm
Static task
static1
Behavioral task
behavioral1
Sample
4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7.exe
Resource
win7-20240221-en
Malware Config
Targets
Target
4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7
Size
768KB
MD5
11cf5ca49a6c354eb005fb24bdf6b1f0
SHA1
c37b9b9fea73c95de363e8746ff305f4b23f0c28
SHA256
4e87a0794bf73d06ac1ce4a37e33eb832ff4c89fb9e4266490c7cef9229d27a7
SHA512
ac91cb1e00db5eab4dd2253f745703d95ea4fe086c4289da62088f40ea727e4b54205d230b4282d38df006c3aebb2522058e2737c90d426abf900368c9c6dbba
SSDEEP
6144:jLPkIupKPUWqUzHwlyLqZucfo/4dQSP8AEcmqRYn/nCrK8cI1WaWQ0vOKO5DBHQp:3kXoDOUAuao/Kl9a9bQ+ZE1Qyu9
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext