General
-
Target
7lk7vT1.exe
-
Size
119KB
-
Sample
240518-r2zgxsgd88
-
MD5
f548ca220d471a524cb1c7d8ff613721
-
SHA1
3040c8945b16a58f44dd4f1ae5a7b0faf61b405e
-
SHA256
5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b
-
SHA512
b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158
-
SSDEEP
3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL
Malware Config
Extracted
toxiceye
https://api.telegram.org/bot6444357834:AAGtL3te5_xl4dvacn8BJElHrky5SlLcE_4/sendMessage?chat_id=5974265372
Targets
-
-
Target
7lk7vT1.exe
-
Size
119KB
-
MD5
f548ca220d471a524cb1c7d8ff613721
-
SHA1
3040c8945b16a58f44dd4f1ae5a7b0faf61b405e
-
SHA256
5d0be378578617a2264e822d1b4424d71e8fa3e8dad60b30af614b173682880b
-
SHA512
b1ea254c1ab6c3983cdb906f39403da5b342fed1836b14b4654a0e25dcae274edc517e30ec66fefbeb6f511b89e869a4d785098896bf55eac36108c79494c158
-
SSDEEP
3072:BKUpvwYGqOcW7gabRq15QWXzCrAZu8Gq:MIWMabAL
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-