General
-
Target
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
-
Size
886KB
-
Sample
240612-bvz7waxfnr
-
MD5
cb76abe70c6500321b07c9141a933150
-
SHA1
4ffebb292fa0edac17fe9c7705974ef2a2bccca4
-
SHA256
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265
-
SHA512
5b5e732ebd88d9cd7d065a90a4db1f6f9ac5ddec76664aa3a44ad5262df9b2dcf6a57208f29cd31503b93e609d1c22b1a761475f250ce9b3148dfcbd5b46cdde
-
SSDEEP
24576:qg61jjk0LAta9A9DIrXlmoJcI67CoXq/la7vDLlEwXAYs:5UXlmIRD4EliDBEwI
Static task
static1
Behavioral task
behavioral1
Sample
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
-
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-