General
-
Target
1c8920973cfa14fafcc7d97a3cb5a43d8e713a0f50faa2738be7c61af21a4832
-
Size
298KB
-
Sample
240622-xwajhavcrk
-
MD5
0c03803dd1100fbbc6b4f7ddc0cf784a
-
SHA1
1460e3e05cfb7cfed696c09911906d329e8c1a8e
-
SHA256
1c8920973cfa14fafcc7d97a3cb5a43d8e713a0f50faa2738be7c61af21a4832
-
SHA512
f62de12651fcd0fc903fc29cd870db59a17be73f3aa20b3e4d0379242214e31d410aec1082e9c68506808f032b74c99be615c503460bdcfec2e03ebd2c82e5e6
-
SSDEEP
6144:+dRVzSkGTxSLD8uq5CaOPs47bhqUde8JfsAdfk4iX0+mB37lp:+hqxSLo5C1Ps4XhA8JHd87eB7D
Static task
static1
Behavioral task
behavioral1
Sample
1c8920973cfa14fafcc7d97a3cb5a43d8e713a0f50faa2738be7c61af21a4832.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1c8920973cfa14fafcc7d97a3cb5a43d8e713a0f50faa2738be7c61af21a4832.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
cobaltstrike
http://47.107.23.145:80/7jRj
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)
Targets
-
Target
1c8920973cfa14fafcc7d97a3cb5a43d8e713a0f50faa2738be7c61af21a4832
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-