General
-
Target
IDMan.exe
-
Size
5.6MB
-
Sample
240422-x9klmafb69
-
MD5
bb6c540ccad4386c7d88dd71cb539d10
-
SHA1
d446c9a5d0432dd94f3d78a728274e63469dd0b8
-
SHA256
9ad69452e768c6b36ae222253141eece96c9031103afa06a9cecccd7567523d0
-
SHA512
52d69543a2b2edaaea59f506a550c578e76fdcefe1b953cf6026c862acc88228b8bf7b54391bb4705e4b161f7ae22648178643649769c0c109da6273fb649171
-
SSDEEP
98304:97ocqxlQpPAEgIrTx5P4NS18frP3wbzWFimaI7dlZX:ZbqYpPFg3bgbzWFimaI7dlZ
Static task
static1
Behavioral task
behavioral1
Sample
IDMan.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
IDMan.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
IDMan.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Drops file in System32 directory
-