General
-
Target
207b136f41dce4a20ef01071d8358131.bin
-
Size
12KB
-
Sample
240626-cpa68s1gmr
-
MD5
bf5f0292d4022c21cf5d4425f61ce01e
-
SHA1
702c615a882330682db68dd6d8bf0f111d5cda5e
-
SHA256
496df3bbe4b68485ee115dbdbc1be18694e4138534efa5225423d4cfffcf3d13
-
SHA512
cfea8fef2307e77663e8909331a8d8689557ccea051d9cca068c23e45db6363893b64808aef0407a0b3a90cfda8d9cafb677c7fab4aba7b040cf9b923d7f3aa0
-
SSDEEP
384:Z9M21n9XM5zvKLr8+VJy598vWrCqX3Wk9gq1W:Z951n9cxSMvmWNnWyN1W
Static task
static1
Behavioral task
behavioral1
Sample
63827bccbd36fabd8120635af4e68329bd834dc0e11c75d4bb81797421cb9d35.vbe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
63827bccbd36fabd8120635af4e68329bd834dc0e11c75d4bb81797421cb9d35.vbe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
63827bccbd36fabd8120635af4e68329bd834dc0e11c75d4bb81797421cb9d35.vbe
-
Size
23KB
-
MD5
207b136f41dce4a20ef01071d8358131
-
SHA1
e5561b3304b7655ff20240631abf1eaa2aff37ef
-
SHA256
63827bccbd36fabd8120635af4e68329bd834dc0e11c75d4bb81797421cb9d35
-
SHA512
76b182aeed7902032265434c78b5757db5e7949e360267fb3a5648586eeb25bf12c22ea4520db4f0b114aeb0f9c5976989c53ec94c5c475a3bc103ccaa5c8eb6
-
SSDEEP
384:nDJcEgWPwf0ulPLLgoylkWz1vAaFYruA/du48nAc55Xid6VKRm3PHAr:nFcEgWIfttLKWs1v9erzdu48Ac55XidH
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-