General
-
Target
631e9daaee241678334ffae4db8bae66a2781fac9bacb73676ee248917deae3f.exe
-
Size
735KB
-
Sample
240523-awy6jafa97
-
MD5
67e8394308a06ffee627c77b7d3d16ea
-
SHA1
e0d9daad8296d2f757cc442d1d1f1302d7aec13b
-
SHA256
631e9daaee241678334ffae4db8bae66a2781fac9bacb73676ee248917deae3f
-
SHA512
2081ce36d917c75157c9c2be12dfee62ea7ffee18c809eee51c7415e5ef9b1868398f2d95412b71a7d2e5d1d24570513d6a5f242f67a30744ef9ca6a401bf48a
-
SSDEEP
12288:IWEY5/l9s22BEEzFatnMwpOl555EQK+AlkKr0HBZR6ZUlo8if:gA/l9s3BEWwpOz55/K+Alk0IeUloP
Static task
static1
Behavioral task
behavioral1
Sample
631e9daaee241678334ffae4db8bae66a2781fac9bacb73676ee248917deae3f.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
631e9daaee241678334ffae4db8bae66a2781fac9bacb73676ee248917deae3f.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
631e9daaee241678334ffae4db8bae66a2781fac9bacb73676ee248917deae3f.exe
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-