General
-
Target
2ad1c6a615270f430e34d4fcfa6c3245.bin
-
Size
402KB
-
Sample
240530-b8cnqsbb73
-
MD5
752ee6ab9508abf81232e4739da127df
-
SHA1
08cfa1cabfb73370793ee7fc19b84c433bf87492
-
SHA256
bb72dcce66a3a30a5223cf1c436d4ae9b1ef0e937f38300925e279a86cc89bf2
-
SHA512
97c0b38eed40c7f882de1897d6a9d8c87208dc07a872594280c7037ef73cf134bc41df4ba8abb4698342cc5ebdddf5be3900017563a921299e9131106a805248
-
SSDEEP
12288:m0Lmyg2CcxiNx7DcKc+P6fuZ141drVfzh:m5yg2C/NxV1CfuZ1mrVfN
Static task
static1
Behavioral task
behavioral1
Sample
6af8cef5811fe0f2d7d36c23a0180b6aa1ab7f66ca39c6a2b513f85a9bb5817d.vbs
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6af8cef5811fe0f2d7d36c23a0180b6aa1ab7f66ca39c6a2b513f85a9bb5817d.vbs
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
6af8cef5811fe0f2d7d36c23a0180b6aa1ab7f66ca39c6a2b513f85a9bb5817d.vbs
-
Size
1.1MB
-
MD5
2ad1c6a615270f430e34d4fcfa6c3245
-
SHA1
117146e34def5b8c5bbae1b9eec51a6944417c7f
-
SHA256
6af8cef5811fe0f2d7d36c23a0180b6aa1ab7f66ca39c6a2b513f85a9bb5817d
-
SHA512
5692c9b37f1969b01a0c7f4042924238e94a5d5ab0e0c1ef01f20ecd81fd8b34b4de4587342950097a71c30881a90b4b3907dc7505dc78e3f1fc148f6847a128
-
SSDEEP
12288:/31cvBzbU01qal638iNX3iTMgmuYtWN/ZgMiQPeRj8:/Yz64+2Sj8
Score
8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2