General
Target
9ab15f7127f7c5b85ea1295e80c0c01a.bin
Size
11KB
Sample
241006-pcaq6atajr
MD5
29c368acff862ad80cc6f6ed00277a9e
SHA1
fc7610f9c617ecf20cb3130e3ec0ce6cbbaff732
SHA256
26f3bc35adab31856979030c0c1c0bb083fc2c67ec63ce755284758737c0ce50
SHA512
9954dff74ef94e822f0f3a42f694760253be17d360e378877c8299b70025c691ba0d3f3585b812cf333444f714b233180722e568d126d22821cc9ba753bafb66
SSDEEP
192:xthgrBoq7/cipayGOHfgHaxlXVkav/ZokG9wqXGFH1MraXTTv4qU3w/3f:7arB30kqOYHAlXVkavhDGyqDy3vCy3f
Static task
static1
Behavioral task
behavioral1
Sample
d4f354a82179cefb8ddb5cacf042457d00666266a76b1c949352ae4f55a072f1.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d4f354a82179cefb8ddb5cacf042457d00666266a76b1c949352ae4f55a072f1.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
C:\Users\Admin\Links\Readme.txt
1AgTC4dyUd73k322jwABVT4Yt7UVxnZD98
Targets
Target
d4f354a82179cefb8ddb5cacf042457d00666266a76b1c949352ae4f55a072f1.exe
Size
24KB
MD5
9ab15f7127f7c5b85ea1295e80c0c01a
SHA1
69be3fe1f42e4f342689347d0f7b9d72370cf145
SHA256
d4f354a82179cefb8ddb5cacf042457d00666266a76b1c949352ae4f55a072f1
SHA512
044c68f18c7d9490c183c693cc9ae7825eeaa62c88a78d9606c09ef237bf440423877c9b2b1aee8b70b48af13a8dcf2dba5bdd29fca6de4c57a23c23850e6076
SSDEEP
384:qlhPJDRD9Jno/+v5MY2D3ECZhAc5gxYLfUVIbsRlvrV:yhPJDRD9JnoUMY2Rgx2fU+sRJV
Score 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Adds Run key to start application
Sets desktop wallpaper using registry