General
-
Target
ImageCopy.exe
-
Size
26KB
-
Sample
240522-yxd4raeg2w
-
MD5
f74038c324985a14b8e4711beb34ca92
-
SHA1
7dfceac74ff4ec9243fb4a485699cdaf8e7b44bf
-
SHA256
b8a8c03af0a5c380c5206d036fd22dab1447593a58930f259f3d7e9548889365
-
SHA512
7c26993a86a382cb26ab4e9428a0563bd44bb27b33ab38eca2a1da7f285c26e3895bdfa7244b9a4a0f0e06408670e117a4c55910f6ab611bdd9e0801dbf25b0d
-
SSDEEP
768:NybSOiYWhozg89GztypetA2FYjrTcwOhmdEa3MWhLfDEzOzoR:NnO7WGzL9G4pe22FYvT8886LfDS+oR
Behavioral task
behavioral1
Sample
Device/HarddiskVolume3/Fiserv/ImageCopy.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume3/Fiserv/ImageCopy.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Device/HarddiskVolume3/Fiserv/ImageCopy.exe
-
Size
28KB
-
MD5
36d5b2653df91578cd982cb66bcccf8d
-
SHA1
29b9a4b8ae82368b76adf0faa3547afb297ff378
-
SHA256
4f23f13092f5838c054b4670ced88f785730c803b3a546762925c15f62a73958
-
SHA512
282df27df0674e97ab0b428bedd870147334292cfc1e86cb2dcb0f12b69aa8ec0db276ecd348c1cc8380179d4aa67f9e17b0577182d1491c6d8c30c5eee1ced1
-
SSDEEP
768:wRGuY2P0Vo6r7SiAwyrMRjbyUs1KJu4xlrggInbcuyD7UB:OPcVo6r7S/rab/zEkpg7nouy8
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-