General
-
Target
1.2.6.0.zip
-
Size
18.3MB
-
Sample
240619-de4w8ssenf
-
MD5
7832f20352027c56624f7ee3de650179
-
SHA1
2d6e888acf08a3c274f4baafde6ae9119eb7f786
-
SHA256
394367fbf7fcaed9fce1ed15d17329b644538e5e1b7f5fa7b3ff55ca2d6ce658
-
SHA512
219d226e7c1d17420741dd6d1f519857e344b953f0a51f474646b3ce5efc6e7f1ef224aa67f9f0be8a7d9c3fbb98265d5c743b2ba9c13383d2ef60250857f6a9
-
SSDEEP
393216:DgbdmZZ0Jwuppkm/mC5DcaEbKVbDV5Hr+xphLg4H7OnaSBY8USJ1vBn86a9kWtw:sbY0hpk+jNcYBjHr+JLgwyaSBNH3vRXV
Static task
static1
Behavioral task
behavioral1
Sample
1.2.6.0/1.2.6.0.lnk
Resource
win10v2004-20240611-en
Malware Config
Extracted
Protocol: ftp
Host: 94.156.8.173
Port: 21
Username: anonymous
Password: anonymous@
Targets
-
Target
1.2.6.0/1.2.6.0.lnk
-
Size
1KB
-
MD5
ed1743440a109e87c91b9702c80303aa
-
SHA1
d0214b75e865b7375ad60753165823738f14a674
-
SHA256
bc267a377de2a1c28b9e484188153b1593b10f6d1b9e27e7a10532dbdfb8feeb
-
SHA512
a965901436aea141d3246b90728ceffd6721d1f58f24bc6b69b0e44c0a656e17867aeb3cd42f52a78c32137c14db4e64c67646fcfbfd639a5aafee469c392dfc
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-