General
-
Target
c000c20f354b21e121f89647fcc8ce60N.exe
-
Size
124KB
-
Sample
240723-qpxl5ascrp
-
MD5
c000c20f354b21e121f89647fcc8ce60
-
SHA1
e10422339e88143cd8187562fc2cf344d6ad5e4d
-
SHA256
710c780494b8c14c5f9167014ea8d75638d506c5dd674c5ce9aa95a3b991e001
-
SHA512
ca90781ebebe9f95468a0abcb40dc64ec38312c8154f53f67b83a2bd588076436f0e32fc1e3156234e0ad29b8a92e512997cd28dc9686a23a5088a7c4ed29772
-
SSDEEP
3072:n02ia5PvMCqf+5c4NMl+XAplorLRfDpVY+zMMbG7L:n02iaJMRmmyu+wplorLRfDpK+zMMb8
Behavioral task
behavioral1
Sample
c000c20f354b21e121f89647fcc8ce60N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c000c20f354b21e121f89647fcc8ce60N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
c000c20f354b21e121f89647fcc8ce60N.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-