General
-
Target
cb76abe70c6500321b07c9141a933150.bin
-
Size
742KB
-
Sample
240613-cqhygavbpp
-
MD5
95872bcc3e91804afdc2f531d8c52f53
-
SHA1
9b02cfeda1cd5c616d3a2469f445184aa9cde623
-
SHA256
712f1d60bb34625bdbb95ad328d08eec8edb5827f2a8947d07a4aff253f75208
-
SHA512
9623f0cc2189940f99f915519c576115ec3e8c048b28cd4b888269f055d8cb2e609dc10afb17419fd4a6bbe785b41212ca2d3eaff0785648290cef8bb0cae006
-
SSDEEP
12288:iXoAx2PAo8D+Tr/FewKHkN2vLc5vonE0Hl+MJb/jWiV43cxEc7ruLvVo4PwAFJtU:iXos2Pb8gTFRQvPJb/jNRxEFL9o4PRF8
Static task
static1
Behavioral task
behavioral1
Sample
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265.exe
-
Size
886KB
-
MD5
cb76abe70c6500321b07c9141a933150
-
SHA1
4ffebb292fa0edac17fe9c7705974ef2a2bccca4
-
SHA256
58fb2eef2cb867a0316df7cd3d833333dc48653eb2c9e1f639c9f749ec39f265
-
SHA512
5b5e732ebd88d9cd7d065a90a4db1f6f9ac5ddec76664aa3a44ad5262df9b2dcf6a57208f29cd31503b93e609d1c22b1a761475f250ce9b3148dfcbd5b46cdde
-
SSDEEP
24576:qg61jjk0LAta9A9DIrXlmoJcI67CoXq/la7vDLlEwXAYs:5UXlmIRD4EliDBEwI
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-