General
-
Target
10882b3477b6a32049e6f67e67885927ddcc28750884e0b02df5f228bc10f905
-
Size
807KB
-
Sample
240915-ntssmasara
-
MD5
22f29bcd197a1ca86d9131d0bf684012
-
SHA1
2882bdf5332427e5b2a43aeba7b3e18f4e41f7cc
-
SHA256
10882b3477b6a32049e6f67e67885927ddcc28750884e0b02df5f228bc10f905
-
SHA512
553230f752dc320d5cfa76f47f7448257d106b1d8afd12ce8b2ab6a8cadac0e0e54439e5441ebe107f24f132eba02413bdeb4d82ff1dd4d1d8d4cefeb7beac04
-
SSDEEP
12288:agtbraUnnLODW153C5yQukJV5XzVbuye/q8tDl+ZhDT7qTxb0yakF1sEQSQv7nhE:fbmULSgRVkJVVzvipt8T7qTxbTJmk1N
Static task
static1
Behavioral task
behavioral1
Sample
10882b3477b6a32049e6f67e67885927ddcc28750884e0b02df5f228bc10f905.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
10882b3477b6a32049e6f67e67885927ddcc28750884e0b02df5f228bc10f905
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-