General
-
Target
134db5e7f3bacd0fceb73d95d82b80a1b5f2e17136e7b8344cfdb8636e7137ec
-
Size
861KB
-
Sample
241107-zfejmaycjf
-
MD5
93ea6c3c05e81824a35f4af48ead95c6
-
SHA1
d92379d7d4df19999096ef5c676fc57c83b9a437
-
SHA256
134db5e7f3bacd0fceb73d95d82b80a1b5f2e17136e7b8344cfdb8636e7137ec
-
SHA512
4bcaf71bb28c7853bb2ec455eaa031b9a3e46cdd837e9ef28d82dcf1888a9e6ddc2fcca819d9070a6dad00d3f406ce4a7dfbbd775b2a0c339f89a28abff68038
-
SSDEEP
24576:yzuTs+0B+/b5tqMPaQVa+kUT1Ll/l00PD:Kuw+0GlcMPaQVr5dL
Static task
static1
Behavioral task
behavioral1
Sample
134db5e7f3bacd0fceb73d95d82b80a1b5f2e17136e7b8344cfdb8636e7137ec.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
134db5e7f3bacd0fceb73d95d82b80a1b5f2e17136e7b8344cfdb8636e7137ec.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
134db5e7f3bacd0fceb73d95d82b80a1b5f2e17136e7b8344cfdb8636e7137ec
-
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-