General
-
Target
bf419752c9d2cdb915bba91c641ad2b3.bin
-
Size
631KB
-
Sample
240701-dtjjvavbph
-
MD5
e73553a8fa2c34b2a892055cef2300fc
-
SHA1
f816d1e23db7604530e1c8e39d96b2d59781cdfa
-
SHA256
d049dfeaec38a5a20154876085d3773b38278fd8176945d3f2bce9fc82aa2b0d
-
SHA512
11dc9675c3d23c90b31b50ed70f724e543700ac27eeaa32a5ed6de11da26a55f2325c373d7309102643b76b76ed9eb2b800c5eae542eb57c378ee79201793bf8
-
SSDEEP
12288:dpE912x5fuqimLWnVnir7nuFUqbaKQrlLSvcIiJULE8WW1h90NE2tRF:DE91mfuKLaVirb6UiaBrkrpES1hhIz
Static task
static1
Behavioral task
behavioral1
Sample
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
-
Size
685KB
-
MD5
bf419752c9d2cdb915bba91c641ad2b3
-
SHA1
25b9365ef4ff79cc6abb793c1a2aafe2ab030153
-
SHA256
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e
-
SHA512
b36f13659a75986b079ef5ab2bb5e6981c038002e8ab5ea743ad892a8bdb5e3bad4227652ac38a9b56bf1847535618fb262383863da71315787fea3b8e3df99d
-
SSDEEP
12288:499glhFbCawxCj/dqMCdnEyys68juhtfTsjY8bwVaD4FP25vqeEOTU+HNtV:4Sw4/gRQ38QBUjMh25Sv8U+t3
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-