General
-
Target
lrthijawd.exe
-
Size
898KB
-
Sample
240604-r6qqksaf8v
-
MD5
1b1ecd323162c054864b63ada693cd71
-
SHA1
333a67545a5d1aad4d73a3501f7152b4529b6b3e
-
SHA256
902337bbf17ac4e015e03d12e79b60b8dd5a8362496da3291a39e9124c58d9ff
-
SHA512
f1776b6a457108f10ca940ce02ce98b73404f5cf18fccee4977024cfaf74d7f48666d4da9be1bee27531525e276cb8cfadba39b0c81e0fd8cbe42f7672f45b71
-
SSDEEP
24576:juDXTIGaPhEYzUzA0amuDXTIGaPhEYzUzA0bnl:KDjlabwz9aDjlabwz9rl
Static task
static1
Behavioral task
behavioral1
Sample
lrthijawd.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
lrthijawd.exe
-
Size
898KB
-
MD5
1b1ecd323162c054864b63ada693cd71
-
SHA1
333a67545a5d1aad4d73a3501f7152b4529b6b3e
-
SHA256
902337bbf17ac4e015e03d12e79b60b8dd5a8362496da3291a39e9124c58d9ff
-
SHA512
f1776b6a457108f10ca940ce02ce98b73404f5cf18fccee4977024cfaf74d7f48666d4da9be1bee27531525e276cb8cfadba39b0c81e0fd8cbe42f7672f45b71
-
SSDEEP
24576:juDXTIGaPhEYzUzA0amuDXTIGaPhEYzUzA0bnl:KDjlabwz9aDjlabwz9rl
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-