General
-
Target
0e4cdfa6fe6a39add920d243f7a5c0313d8278db5c23b5b851c44d958b3edb88
-
Size
269KB
-
Sample
240521-pfmj5add7s
-
MD5
12e153367bb1836dc2a62615abc29764
-
SHA1
f884664281bc87b8a48b76e57da39e2f15547dce
-
SHA256
0e4cdfa6fe6a39add920d243f7a5c0313d8278db5c23b5b851c44d958b3edb88
-
SHA512
44d5af02eb3849da3b5c5a13b09737ca70019e0b1130dba2f639c3ed8d685b5d893d58df692f0a40f376f26c9397959c2e261f87cfbf05361c5cd7de4f4267a5
-
SSDEEP
3072:N5PhlEhZrqjKNNTJjOVrVj2PQXyyhWpNNAeDzWmklG3ITKRRda58Ueq:NZhKZrtNaVLXyy8NNZDklyhR
Static task
static1
Behavioral task
behavioral1
Sample
0e4cdfa6fe6a39add920d243f7a5c0313d8278db5c23b5b851c44d958b3edb88.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.64.56
185.172.128.69
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext