General
Target: ad1448677eac1359fe87f0086c2dc8f5865cb32f8303952a1d49ceea400934d7
Size: 293KB
Sample: 240526-m83qpsgh97
MD5: 7773dfc253110b66e3900cbf7d60898a
SHA1: b23932263b0ede8f4f3d0136d05578c65e6195ed
SHA256: ad1448677eac1359fe87f0086c2dc8f5865cb32f8303952a1d49ceea400934d7
SHA512: ce28368fa44e2739ff796e64f168dcbeebe67bc2d3c3135680269b0c96393a27993c4891519d30c3565ef90cf545a8b4c68ae4457e96d4caf13da5942313a835
SSDEEP: 6144:KD4MY2AZu7zUgW5JykNFhlaFK1DbuoG7WLtwT:KDy9Zu0gsBGkByam
Static task
static1
Behavioral task
behavioral1
Sample
ad1448677eac1359fe87f0086c2dc8f5865cb32f8303952a1d49ceea400934d7.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.64.56
185.172.128.69
Targets
Target
ad1448677eac1359fe87f0086c2dc8f5865cb32f8303952a1d49ceea400934d7
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-