General
-
Target
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64
-
Size
1.2MB
-
Sample
241107-zcf82s1lbl
-
MD5
d2cc66c09a1ca375e5556e956822275f
-
SHA1
adbe12938e7c238789f4ddf8f278b6d27d4d932c
-
SHA256
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64
-
SHA512
d18bcd2deb6e87d8c365c0cb987149c7224dd864fb3a4e29426ccbc4485acc5a17eb84e82089bced0a211ab9acfdf290e488bcd48a846ac7e8a11869e753ceba
-
SSDEEP
24576:45RPT0fJKjwYZ/I0P/ekwSVzGHkw3lpjn9LmAC+eMmEHI:yGJKcYjOONGN1ln9LmN+ZmEH
Static task
static1
Behavioral task
behavioral1
Sample
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64
-
Size
1.2MB
-
MD5
d2cc66c09a1ca375e5556e956822275f
-
SHA1
adbe12938e7c238789f4ddf8f278b6d27d4d932c
-
SHA256
04c0f0bdeabba294fe264d44cd517de7ea9cc15f39323a6ad31e4c713a42fb64
-
SHA512
d18bcd2deb6e87d8c365c0cb987149c7224dd864fb3a4e29426ccbc4485acc5a17eb84e82089bced0a211ab9acfdf290e488bcd48a846ac7e8a11869e753ceba
-
SSDEEP
24576:45RPT0fJKjwYZ/I0P/ekwSVzGHkw3lpjn9LmAC+eMmEHI:yGJKcYjOONGN1ln9LmN+ZmEH
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-