General
-
Target
0ac425e856ff451cd61399325e9d1a52.bin
-
Size
529KB
-
Sample
240626-bzd57szarl
-
MD5
0ac425e856ff451cd61399325e9d1a52
-
SHA1
0840718fecf6d060bd8773bf5eeeef81e5628b7c
-
SHA256
48ce65f0dbe42922716e4335720aae89a15abd9a21a287a6cabb11b0317b5ab0
-
SHA512
9a946af514eb9535a6e8137275b421080ced3a21cad097a4ab8a85c14c3b60340b5dc4827a0faac2deb239d3877ae67bb5c9796126dd6ae2726fe1e660a13750
-
SSDEEP
12288:za/0zI6S3Ifs3WHjoPtfEmYNfdj6Jy16dr4RkRD4srnOaGNwsImWpz:vI3x3yj7FZd+JyurmkR0sL+NwsR2z
Static task
static1
Behavioral task
behavioral1
Sample
0ac425e856ff451cd61399325e9d1a52.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0ac425e856ff451cd61399325e9d1a52.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
0ac425e856ff451cd61399325e9d1a52.bin
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-