General
-
Target
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852.exe
-
Size
1.0MB
-
Sample
240523-blevksga71
-
MD5
9c45e536f5c88334f24cab2ab89ee21e
-
SHA1
586564ab3bd5ea6c329d91af2cb90c62593cc5f9
-
SHA256
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852
-
SHA512
c4c2d7a3296e37e448b7d5580c97cde6af431cb07c3e8d18b6d1e0fab68e47662605e7fa44273eda7f2b81907bf3d7a01847ded03feacbd80355c0f69a51b2ef
-
SSDEEP
12288:7X1iui6yWSKxwk0elr2wuC4bTaOJKxK75xi817KsmExR+ZImobjP:BdSKxw3eYhC4naOhZQIHjP
Static task
static1
Behavioral task
behavioral1
Sample
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852.exe
-
Size
1.0MB
-
MD5
9c45e536f5c88334f24cab2ab89ee21e
-
SHA1
586564ab3bd5ea6c329d91af2cb90c62593cc5f9
-
SHA256
26519d3b87b0bce9cacd121c6837fdf4e91500b52c14735068bb495f04fe1852
-
SHA512
c4c2d7a3296e37e448b7d5580c97cde6af431cb07c3e8d18b6d1e0fab68e47662605e7fa44273eda7f2b81907bf3d7a01847ded03feacbd80355c0f69a51b2ef
-
SSDEEP
12288:7X1iui6yWSKxwk0elr2wuC4bTaOJKxK75xi817KsmExR+ZImobjP:BdSKxw3eYhC4naOhZQIHjP
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-