General
Target: b3e57d0381df8c35a19014a09b7980d0N.exe
Size: 2.0MB
Sample: 240815-lacaeswanf
MD5: b3e57d0381df8c35a19014a09b7980d0
SHA1: 94e434b666eeb30c912326a37544de35913f601d
SHA256: cd561d281663c60c97ba62ff7c8a870570bbe84aedcfac34b6905ec535fa7959
SHA512: e65dd4cf3bb268f4e3ecab378ce20887be62dc5a5a94e18714e5a3d11a966dc08d72a7f257cbc1270bb8679b5419dc9595c35431f9fe3008125ef171f2286e49
SSDEEP: 24576:eDH9v7IlfGQrFEspugRN5I2D553J/J/b5tJ/jYVoaP3P:e570+QrFEBga2S3P
Static task: static1
Behavioral task: behavioral1
Sample: b3e57d0381df8c35a19014a09b7980d0N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: b3e57d0381df8c35a19014a09b7980d0N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: b3e57d0381df8c35a19014a09b7980d0N.exe
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext