General
Target
processlassosetup64.exe
Size
2.5MB
Sample
240526-nn8lwsgg3y
MD5
358915d6380a157ac8536b18fdb28a7c
SHA1
7c91f36ca72297fdca49034fcd515f58563593f9
SHA256
4f0bbba52d150871cdd6d354fc40ad7634ab0598ff69048faa73f2e70ba35279
SHA512
2f15173c3dbcde668bcd787607c6dbd1ec7e621438fd70ccfa2669c97766d5c7060686cbfc0de94d1b47b0db110274630391866d15ff138a53799cacc7498ee6
SSDEEP
49152:t6LF24Q4O63rWluYp9VPMYHgJPsg3avKpufa3/kyzamgFkci5:tGe4t3rWfHVPJ8Zavdk/kyzaiD
Static task
static1
Behavioral task
behavioral1
Sample
processlassosetup64.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
processlassosetup64.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
processlassosetup64.exe
Score
6/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of NtSetInformationThreadHideFromDebugger