General
-
Target
fe47f321a2988420eecc3df5ab617a10N.exe
-
Size
576KB
-
Sample
240720-xjazhawanc
-
MD5
fe47f321a2988420eecc3df5ab617a10
-
SHA1
7a1ef9e0afa30b23be22a11ed1518ed7c2c4be10
-
SHA256
bdce34b1e8cae9522227e64f6fe5cf9a011d5e30506f5bb6e4471d8737900caf
-
SHA512
1388764142ba8f00a500440b3902ea229242e84c87bef4ba277ede01fc3d97495a1e2de01e0868c9f80c57d6a9ac055ea716936ca3b301ed1aa7fb4d6e92cb9c
-
SSDEEP
12288:+NWPkHlUkErBuxQ4uzi6d6dL/yiXLzeMdK6io8levy0FhVlpzkzDDoSR:+NWPkHlUfBgpuPdWzyuDTifgyWlo
Behavioral task
behavioral1
Sample
fe47f321a2988420eecc3df5ab617a10N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
fe47f321a2988420eecc3df5ab617a10N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
fe47f321a2988420eecc3df5ab617a10N.exe
Score
10/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-