General
-
Target
24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338
-
Size
1.7MB
-
Sample
241103-zjjmratglh
-
MD5
15064527753763619d3781b780ded930
-
SHA1
26d03ea8ced5a9fceb3260cf9e71bf1f08768c8b
-
SHA256
24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338
-
SHA512
626a700ab6fc50be15b59e63a5114c100d5b95a6531f24ada010a70f9438f2c769df336980e58bfb4b799e484ec9b897555bc31be3a10fc3b9b356be0452f5de
-
SSDEEP
49152:qJfJlyMrgsK4Dg2JYYZqNi/3nXeHgUAozs1:qJBlVg2J9SOntVn
Static task
static1
Behavioral task
behavioral1
Sample
24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-