General
Target: 8bff409b5f2000f575688a87638b98d592c134b5846761357457a93680de35f8
Size: 269KB
Sample: 240521-s2sj2saf9z
MD5: 1d02dbc7a19497a739f8db843b42bd15
SHA1: 1376cf6fc76aaed204dd9abb4f85b3e43c093bef
SHA256: 8bff409b5f2000f575688a87638b98d592c134b5846761357457a93680de35f8
SHA512: 5da4137095a72d6557952591840debe07e84579101132d3e2affb4fb7defb71142603ae27995e22b449413fa5a5019e4f3dcfa998caded0b37aa3a28a03f8654
SSDEEP: 3072:2lV142hxL8V3SuBboz7sPkhAbrHOGx0Xzmk/ujR8VE9blkWx8GiW5tsEX:2lQ2rSM7iGAbinvuN0E9gL
Static task
static1
Behavioral task
behavioral1
Sample
8bff409b5f2000f575688a87638b98d592c134b5846761357457a93680de35f8.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.64.56
185.172.128.69
Targets
-
-
Target
8bff409b5f2000f575688a87638b98d592c134b5846761357457a93680de35f8
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-