General
Target: theone.txt
Size: 227KB
Sample: 241113-efyx2swdrp
MD5: 159609889dfa89a0a3a6e1fde1ca1b76
SHA1: fce53276c63572448e8af3ea8e41112b10edd051
SHA256: 8101b388cc8a6a9c948f8d71de9938702b5c25978d804769c8c20fe258adc959
SHA512: 662f85b9d56ab29007c025c235100ae81422962a89f7db597f6f04603b5dde18c01731e08f9ec8686e376b4a991a92f35a027c2189a61a9af3f943bc986103cc
SSDEEP: 3072:RZrgoOttTuTzC9aBCIi1Fgeiv+kVkZNfvfi3oS/hnKstKPrh1+NAtjwK4l:RZrXwXM+fNfXaoS/M6KON2jwK4l
Static task: static1
Behavioral task: behavioral1
Sample: theone.exe
Resource: win10ltsc2021-20241023-en
Malware Config
Targets
Target: theone.txt
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.

Legitimate hosting services abused for malware hosting/C2