General
-
Target
Spotify.exe
-
Size
1.9MB
-
Sample
240523-bftfsaga72
-
MD5
464607eb8f802313ec0a39edacec65c1
-
SHA1
1b55b1ae70d5f6e26d4057001956520e98203696
-
SHA256
6a3b747d3129a5d44b7bad158f3ad776df720eb9afdeffc0e0d4246fd1d12179
-
SHA512
92b2628c927420a0a319181b32b5eacdace9fd3bbb9b46ecf4a67af12adb433901a2cb03b54a823cf7988b2f4d8da74baef3f398cb18db3c589e29d492187986
-
SSDEEP
24576:mwopgdGg8w/K6a5mOuxho4dTFMP8JsU3Aot+Ec0xMkIqqIpUSc9F:JopgdGc/K6aQxT7MTqqIpUSc9F
Static task
static1
Behavioral task
behavioral1
Sample
Spotify.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
Spotify.exe
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-