General
-
Target
1099655a13691a6c4856fa29fa038e89805c8ff7ba6d04c6c56128728be19ff4.exe
-
Size
4.6MB
-
Sample
240724-scte2svdqd
-
MD5
917f9d9d484f8657efc7f60b8adde947
-
SHA1
01e4648cef9fb934429d63471127805120202ca9
-
SHA256
1099655a13691a6c4856fa29fa038e89805c8ff7ba6d04c6c56128728be19ff4
-
SHA512
6f81636f49ac851709372e04fa4b95a47da1d17bb84c0150fda6f1ee37111ac357ae17414e9d96f597ac99b2693a9b5838d43fc22b12abbed3e6bbf6421635d2
-
SSDEEP
98304:ybFXaexwoV2rqKxaWkidqVtIhjAgWlZHrtjFsN3RwC+cDhfXXWB:gwexwoVLhidqVtg8jZHrw3wC+8
Static task
static1
Behavioral task
behavioral1
Sample
1099655a13691a6c4856fa29fa038e89805c8ff7ba6d04c6c56128728be19ff4.exe
Resource
win7-20240705-en
Malware Config
Targets
-
-
Target
1099655a13691a6c4856fa29fa038e89805c8ff7ba6d04c6c56128728be19ff4.exe
-
Size
4.6MB
-
MD5
917f9d9d484f8657efc7f60b8adde947
-
SHA1
01e4648cef9fb934429d63471127805120202ca9
-
SHA256
1099655a13691a6c4856fa29fa038e89805c8ff7ba6d04c6c56128728be19ff4
-
SHA512
6f81636f49ac851709372e04fa4b95a47da1d17bb84c0150fda6f1ee37111ac357ae17414e9d96f597ac99b2693a9b5838d43fc22b12abbed3e6bbf6421635d2
-
SSDEEP
98304:ybFXaexwoV2rqKxaWkidqVtIhjAgWlZHrtjFsN3RwC+cDhfXXWB:gwexwoVLhidqVtg8jZHrw3wC+8
-
LoaderBot executable
-
XMRig Miner payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-