General
-
Target
f60a33a69d22f73768dca02063c875e3dbeae931f741b05278ed908db8fc0de0.exe
-
Size
1.7MB
-
Sample
240921-b4mcdazbjr
-
MD5
75d1bdc8553393d90f8d016a8b603d4d
-
SHA1
78a0a2fe6f64011087e248297b2e693e73551e51
-
SHA256
f60a33a69d22f73768dca02063c875e3dbeae931f741b05278ed908db8fc0de0
-
SHA512
452708ba82b939d8282d7abeb4aff86fca3be8b228a36473e242a59def1a590b322618ea831537528521e22acadf172d06a7353c29da423de73acef5e8834458
-
SSDEEP
49152:KAodtaG9kS2U84B+FLan9k5TRM9zlXVjOxWkUslM:+/B16YD
Static task
static1
Behavioral task
behavioral1
Sample
f60a33a69d22f73768dca02063c875e3dbeae931f741b05278ed908db8fc0de0.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f60a33a69d22f73768dca02063c875e3dbeae931f741b05278ed908db8fc0de0.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
f60a33a69d22f73768dca02063c875e3dbeae931f741b05278ed908db8fc0de0.exe
-
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-