General
-
Target
00946632671123ef391720a35b310261db3ea2f5a5761f583b8ce2bea566e3f3N.exe
-
Size
855KB
-
Sample
241110-2zls6awpc1
-
MD5
f1a4d7abd9e29baadcc241a06cbb3793
-
SHA1
f0d064f3825fff5d6cb84fabb743b9f03d6d5a63
-
SHA256
cc27598956262f4307167e53edcc02af444d57d1c6de1b21917075a61d885f2a
-
SHA512
731c8f1265c65993fe50229a9e495d3863b687eea0d07bc59ca0d7ae0a4c3e6966cae0695b5699f9b7281af8d2eef2dd589cdbedaf200517098ca2773c408c80
-
SSDEEP
24576:LWV4E3PAxHi2qyR24aro5uaVwqi53cakR2QxCmNn:LWVdlwNQ2wqi53rksQxCmZ
Static task
static1
Behavioral task
behavioral1
Sample
00946632671123ef391720a35b310261db3ea2f5a5761f583b8ce2bea566e3f3N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
00946632671123ef391720a35b310261db3ea2f5a5761f583b8ce2bea566e3f3N.exe
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-