General
-
Target
da4aaa81fc38bce014f69ba314797fdb2c1cb1433916a751899d048448fa8731
-
Size
592KB
-
Sample
240626-d8sfaswamp
-
MD5
7468b2d95e504bafaa051f4bf1621949
-
SHA1
b1fd0dbdaa7c1e3c6c6e29649e83e8283832c4a2
-
SHA256
da4aaa81fc38bce014f69ba314797fdb2c1cb1433916a751899d048448fa8731
-
SHA512
4c6d09ffc64a8e1b10a06576a01e30897378a09fc8ee3a0072d7fb1e77cb81fefc9ca222c032f7c2da9e71b128e3d24fd5c2736e5a35860ccb99f5ca52f55d3b
-
SSDEEP
12288:wcWRJxhIUKofd9S88itJsL6s8GwUF81yn0FI/6IC0XoSE:TW/xhIUKofSytJsL6HUP0OHC7
Behavioral task
behavioral1
Sample
da4aaa81fc38bce014f69ba314797fdb2c1cb1433916a751899d048448fa8731.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
da4aaa81fc38bce014f69ba314797fdb2c1cb1433916a751899d048448fa8731.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
da4aaa81fc38bce014f69ba314797fdb2c1cb1433916a751899d048448fa8731
Score
10/10
-
UPX dump on OEP (original entry point)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-