General
-
Target
Clangen.sfx.exe
-
Size
77.4MB
-
Sample
240424-h7nsyafg21
-
MD5
058e987a05ac63bdecf68b886d14ec78
-
SHA1
aadb53f27280cd0ba5da89da3c8ac2c83c8e6562
-
SHA256
373254770b5c06e66a598ab32208d9b26d3d5c2c04181145226060d6f3fb961e
-
SHA512
2fad72c96e29b3f34998bbdcfe3304ea71e2dca74cf00a0cbef22db662bafad993dfb032958473bdac8799a297521ad93014426b9f6dfde49b20cd0f7e85022a
-
SSDEEP
1572864:IMdNbn9kuHTQNehtquAeLoGcp2dFIuCdeEuJkVbK:IWb9l0tu3jd2VykVbK
Static task
static1
Behavioral task
behavioral1
Sample
Clangen.sfx.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Clangen.sfx.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
Clangen.sfx.exe
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
Clangen.sfx.exe
-
Size
77.4MB
-
MD5
058e987a05ac63bdecf68b886d14ec78
-
SHA1
aadb53f27280cd0ba5da89da3c8ac2c83c8e6562
-
SHA256
373254770b5c06e66a598ab32208d9b26d3d5c2c04181145226060d6f3fb961e
-
SHA512
2fad72c96e29b3f34998bbdcfe3304ea71e2dca74cf00a0cbef22db662bafad993dfb032958473bdac8799a297521ad93014426b9f6dfde49b20cd0f7e85022a
-
SSDEEP
1572864:IMdNbn9kuHTQNehtquAeLoGcp2dFIuCdeEuJkVbK:IWb9l0tu3jd2VykVbK
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-