General
-
Target
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6
-
Size
145KB
-
Sample
241123-dx4desxkhv
-
MD5
913458a5e9eb4026c62609375b534227
-
SHA1
9739ae38effef090b3b558531e01bf2252bd018f
-
SHA256
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6
-
SHA512
5b653989cafdbd586216ccd11d243001b066b044df93478f574577f170b72a84b3831c89933c023ac458d8c2d4fb2fe4cdfcac0608806258150c3df101a79275
-
SSDEEP
1536:DzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDXcl74OOjAp31AyNpCSV6O9xv2T:cqJogYkcSNm9V7DG98YlXjCSV6O9R2T
Behavioral task
behavioral1
Sample
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6
-
Size
145KB
-
MD5
913458a5e9eb4026c62609375b534227
-
SHA1
9739ae38effef090b3b558531e01bf2252bd018f
-
SHA256
c1e76af376454bab05e44634ca4e017e7607e41c9df6e067162d28064a1c7cd6
-
SHA512
5b653989cafdbd586216ccd11d243001b066b044df93478f574577f170b72a84b3831c89933c023ac458d8c2d4fb2fe4cdfcac0608806258150c3df101a79275
-
SSDEEP
1536:DzICS4AAwczUUf8y8gvMH+1zGSNAojMP95D1xDXcl74OOjAp31AyNpCSV6O9xv2T:cqJogYkcSNm9V7DG98YlXjCSV6O9R2T
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-