General
-
Target
2024-05-23_385d407abb78767b5d6f67b5a3492742_avoslocker_cobalt-strike
-
Size
495KB
-
Sample
240523-b6tjgahb7w
-
MD5
385d407abb78767b5d6f67b5a3492742
-
SHA1
c1b8e1cca335ff6beab36ca1994e42a69506c85a
-
SHA256
498ccb5e245b4a20f8a4aa7bd236fae1e017809b399bb810bc803fd6cb59ff1e
-
SHA512
19abac3c6931e1d0176cf06d93e5c6e6d5e580fb3aa6ac41e9bbd45ec2b9bafd51e48a111035d67e28cbb113d09d4f0852b4161d13f4f8b62a3d74cc83229a7d
-
SSDEEP
6144:g7WQ0j4ltziolIGlnE2deWdrlBu0R+J5JlLgPYfq8ZF02IlLZD30nXes2H:Ii4lZiopdfu0R+J5JlLgPbD30nF2H
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_385d407abb78767b5d6f67b5a3492742_avoslocker_cobalt-strike.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
2024-05-23_385d407abb78767b5d6f67b5a3492742_avoslocker_cobalt-strike
-
Size
495KB
-
MD5
385d407abb78767b5d6f67b5a3492742
-
SHA1
c1b8e1cca335ff6beab36ca1994e42a69506c85a
-
SHA256
498ccb5e245b4a20f8a4aa7bd236fae1e017809b399bb810bc803fd6cb59ff1e
-
SHA512
19abac3c6931e1d0176cf06d93e5c6e6d5e580fb3aa6ac41e9bbd45ec2b9bafd51e48a111035d67e28cbb113d09d4f0852b4161d13f4f8b62a3d74cc83229a7d
-
SSDEEP
6144:g7WQ0j4ltziolIGlnE2deWdrlBu0R+J5JlLgPYfq8ZF02IlLZD30nXes2H:Ii4lZiopdfu0R+J5JlLgPbD30nF2H
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-