General
-
Target
SmartDefragmenter.zip
-
Size
376KB
-
Sample
240613-2expxswhkn
-
MD5
541d8406002aa2750a2cf59480e71d94
-
SHA1
ac40c4715cca6967e2af789cee246b5a0d533a9f
-
SHA256
ddf1b79f563d94bb3ddb46b37aa010d95403dc7a1debfc9476a8ab449472b738
-
SHA512
9d3f5fd405be3a76b9d0150e58a2af24cd609a1b7b63bac9e68350a0b153a42bf4941c5d2d8d752ee5d9d6dcc690250811a9c688e2efcc458abef71580add73b
-
SSDEEP
6144:MdZTQDqwhWbeXTbAf4KINkYLcwpO/ZuY2EwbJ2Fgzz+n6tBN+Pz9BQBa4oQRMgs:yZw1DbAf4KIqM4cewFQ2z+6XNk3QVRM5
Static task
static1
Malware Config
Targets
-
-
Target
-
Size
438KB
-
MD5
03baeba6b4224371cca7fa6f95ae61c0
-
SHA1
8731202d2f954421a37b5c9e01d971131bd515f1
-
SHA256
61a9e3278b6bcc29a2a0405b06fb2a3bbcb1751c3dd564a8f94cc89ea957ec35
-
SHA512
386643b0a52b6b1a53e81a8500d040b6415e532ebaffd1be8d1afd4ccb10f6c0342cf734b688ec803b960339284c8d9669e638b1648d9cc734cf7367659c7fd0
-
SSDEEP
6144:hBGrTx2fgEViq+JoQ9tpecSXFADhKXPEKJRlETLV+PwoVUqwhlKq6yem8lhg:6rLEyptwnX+gXrRlESwKKhlP6yxGh
Score
8/10
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-