General
-
Target
c392d4188393f4a82d6b47c3fc4099e2.bin
-
Size
713KB
-
Sample
240613-cqbjdsvbnp
-
MD5
4e56e64e34ef690a2655574351a65763
-
SHA1
458a50d8991defa358d3b5d0ea64f72f1565f94f
-
SHA256
5760140c8cfa4e4cbb2a42cd839ad60c7e155526159b1fb0b51b28275f2c6750
-
SHA512
2ff2dd63e355cddbe81c9d1a581c29a8700dd4392fa433a4d9cfd673d96648173d32ee39c814766907c241988c463e73341e462ae606a9f3aa4552e20cdf41af
-
SSDEEP
12288:kuYjIG2/f/y4l16K7pzdLDPv0w1dD5VMvmsvZhNimKrEe6rsoSRTJQltYuNXcW5C:kuYI3//77BdPH3BMBBFKr/ro4VI2
Static task
static1
Behavioral task
behavioral1
Sample
684b898fd7fed76973c556a948858f5aa69ecaca176fa5e856ecd246a8c57565.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
684b898fd7fed76973c556a948858f5aa69ecaca176fa5e856ecd246a8c57565.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
684b898fd7fed76973c556a948858f5aa69ecaca176fa5e856ecd246a8c57565.exe
-
Size
744KB
-
MD5
c392d4188393f4a82d6b47c3fc4099e2
-
SHA1
fdda6b1da9c657e840212518d3854acabb4cdbf3
-
SHA256
684b898fd7fed76973c556a948858f5aa69ecaca176fa5e856ecd246a8c57565
-
SHA512
43824c2258edc9d09dfe52ed96bc53862e3a9512803cccbce3158ac34f90904d6feb113c369afa955b73489d2b6be287a253b7d20569fb719ce114b5f8eea6da
-
SSDEEP
12288:GX0pxoBV36Di8BtLySdcLrALrHpzNmZFwPExmG3tff/5Kg/guLU8GpX/4d9UeRSs:8BFKReQ/JzcFwPExNt/5F4CUbw1SFth
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext