General
-
Target
c1ca203212d10acb2a1cc5b1244c71cfc9b4d5760ec27c9b843a1a37045dc981
-
Size
1.5MB
-
Sample
241018-c6ntnasclf
-
MD5
9fe72937a66d9b7ffa9bf593320e7e74
-
SHA1
51d5dd44c14066299d299293b852d2c41b8bb19e
-
SHA256
c1ca203212d10acb2a1cc5b1244c71cfc9b4d5760ec27c9b843a1a37045dc981
-
SHA512
f97a9b22cf0476cbc827bb98bf901de4d0d31ac72c8d16d5e1bb69e2a201e8761d4d473eade16e66447eac3c59aeb2b3051beff5e4b284093cff8850aad3454a
-
SSDEEP
24576:q8dvIOVmW6AbPsArkueRKmV3sNl6O4dKOl33E:qowONbkBuyKmBs7iKI33E
Static task
static1
Behavioral task
behavioral1
Sample
c1ca203212d10acb2a1cc5b1244c71cfc9b4d5760ec27c9b843a1a37045dc981.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
c1ca203212d10acb2a1cc5b1244c71cfc9b4d5760ec27c9b843a1a37045dc981.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c1ca203212d10acb2a1cc5b1244c71cfc9b4d5760ec27c9b843a1a37045dc981
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-