General
-
Target
bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805cN
-
Size
3.9MB
-
Sample
241103-jxq1zszbnl
-
MD5
5adb2a353e5d54d267e084de41f63310
-
SHA1
59b62e1159bdc14a58eecff61d4045b634a51374
-
SHA256
bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805c
-
SHA512
453b5c61247a0d01d0bf3108532691a6534611460a4ca6483d73e2391b17d1491e342e0f6544b566de526cf6226de6838a133f9788bef3b034b66f89807e71a6
-
SSDEEP
98304:wxhtYrUqNd6Px5RrtcZmZYZT/UHZxUSa1xJKA:wJEUqNd6Px5RRcsYZT/yv7A
Static task
static1
Behavioral task
behavioral1
Sample
bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805cN.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-