General
Target: 724014172b5bf394116683736b4df122dd740c5e605671c3dc8a9d1074d77958.exe
Size: 990KB
Sample: 240905-bt2djszgkn
MD5: 19c882524c377b0732557e51d859f792
SHA1: 095c79f4036371199bd09a86142811415f194913
SHA256: 724014172b5bf394116683736b4df122dd740c5e605671c3dc8a9d1074d77958
SHA512: 47f585b99d2f0537aabe6920dc07d7ee3732b9257ea8b17fa51f9963484a0ec3c09b92a82a1475232d3e3c899026937875ad2b2f9e2b06e09cfc2ad3ad8534cc
SSDEEP: 24576:N8MUf1VnXlGDYatL5DQPFqc50whUljBh7+Do:29lVGDYgDIp5kljr7i
Static task: static1

Behavioral task: behavioral1
Sample: 724014172b5bf394116683736b4df122dd740c5e605671c3dc8a9d1074d77958.exe
Resource: win7-20240903-en
Malware Config
Targets
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Suspicious use of SetThreadContext