General
Target
Clangen.sfx.exe
Size
77.3MB
Sample
240424-jq8x8afg84
MD5
14f8ae0123d56a279b5bff74524864f2
SHA1
2eabccf312c926ad1937bcba55ef73b6fb8ee02f
SHA256
f3513878f891b367d4d6c42ecf689b65fae3f1e7e3ae0c2ceb40efddab9429bc
SHA512
01c329a8a63fa6de342080fc4eb4ab90216411ff35b0e80f18d330d6bbf62749453f5afadb10885e0605f6f3206ddaf8c9aea144163c8a8381b235c53d7d6845
SSDEEP
1572864:ejPxL2kRi9npTQNIOxcocBq+WoXw0rIgtPIivBUbYEKv:o2k830T+0+XwOWqBUbY1v
Static task
static1
Behavioral task
behavioral1
Sample
Clangen.sfx.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
Clangen.sfx.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
Clangen.sfx.exe
Resource
win11-20240412-en
Malware Config
Targets
Target
Clangen.sfx.exe
Score
7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2