General
Target: 9751dc8bfd29e69b5e04e81d1971b145ea18ef7e57211a301339d5bb43d40ff9.exe
Size: 777KB
Sample: 241002-bvk3yszglp
MD5: 9311139abfee49ed8f2131abdb7a2142
SHA1: a0af849bcb178de760d5748097b17025f6e49d97
SHA256: 9751dc8bfd29e69b5e04e81d1971b145ea18ef7e57211a301339d5bb43d40ff9
SHA512: af6a80ed57cb4343eda8bd3ea1f45031788af1e03f4781fea61ca7972492474ca8eae4290ed2c9e51a74cce20597735b5697e87a8c9db9cdfc85a53328bb2131
SSDEEP: 12288:Uu+w0Vld0rZq9OVqfVdgf2aYOKNDvbVOSWAgiTqB9dmL/USwp:UFVE8cqfrg2TbVOSnsBHGVA
Static task: static1
Behavioral task: behavioral1
Sample: 9751dc8bfd29e69b5e04e81d1971b145ea18ef7e57211a301339d5bb43d40ff9.exe
Resource: win7-20240708-en
Malware Config
Targets
Target
9751dc8bfd29e69b5e04e81d1971b145ea18ef7e57211a301339d5bb43d40ff9.exe
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-