General
Target: 03bab0daf2e3285f26ced738fc0fd010404cf07513a2135b9f2fd8f894a15490.exe
Size: 442KB
Sample: 241122-xrs52ssmek
MD5: 48a52bf6785639698f907abd05e40f84
SHA1: 6de2644a5742e53fe497be30388e952455833713
SHA256: 03bab0daf2e3285f26ced738fc0fd010404cf07513a2135b9f2fd8f894a15490
SHA512: 6605fddd77733550bbdbf5772b3718444717c420281ebcb3a3f1fb9155c3ae5aa6cea9c87381a0866fb59098a08397f6c02ac0f11a879265d331e4948d843574
SSDEEP: 12288:gO3nzR81/CPPYYg8btjp5lQ6GGb2I+ON3BVHLIcgwazbXkZ:5zO1/mYYg85N5lB2PEzOU
Static task: static1
Behavioral task: behavioral1
Sample: 03bab0daf2e3285f26ced738fc0fd010404cf07513a2135b9f2fd8f894a15490.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 03bab0daf2e3285f26ced738fc0fd010404cf07513a2135b9f2fd8f894a15490.exe
-
Imminent family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext