General
Target: WhatsApp.zip
Size: 8.8MB
Sample: 240523-ktqfqabd23
MD5: 0983e3f94c2f14cca5c3ffa3d9f419ba
SHA1: 20e2868857466e3b35bc734ac9eb950968dd5a7b
SHA256: e99f6eee7ef846bb809c51a3df5e6c4d7629d85c5a7a44939545c57ffae401fa
SHA512: 7371d178a7b6f7e166121a99f2e8208ebe66e4e1102887839e8833f555c63f0781fc67ccc7ea115bcda348165accf4589636b7e803f3335bbd63e715d35bd36d
SSDEEP: 196608:iXtBH7h7KQ1Z/hqkEAoAEvLgrzZQhLM5jnndq5kMlsIlVA2OYyduhnjLZGOjBrmj:idRTXA88g4LMW5PsIlgYXjLIOjxmj
Static task: static1
Behavioral task: behavioral1
  Sample: whats.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: whats.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: whats.exe
Size: 12.1MB
MD5: ff9ad3e1150b2a99335ab5e295513062
SHA1: 9ef477c731e01214f76e4f6161b2b09d92c4fc33
SHA256: b3f70a8027e35c91ad1a18f7176a29f755bba27b20ace5159e5b784c7dab4443
SHA512: 5ffd609ba0e0d9b6b3aa029eca7083a1fce286a4f3db1dfefb114e48d33ce16fb1e53834c19a83c5909a1e71aa5f1668ac2760516770517805654397684b533b
SSDEEP: 196608:CNESzoOoT8GyziDMqM4mUFBgFzBQDjMPDt7xqxWM/QstP4imicl69ppdJWs4dJ2k:sfz68FEeIgajMCxLQstIifHd4s4T2k
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL