General
Target: e8d0e23d5aa07643065509a781685239885b04a3d39d78aa537e3dc3ae5075a2
Size: 144KB
Sample: 240701-entnasygmp
MD5: 1712b04615487183ff0753de33fa0ab1
SHA1: 50fc233560cc0f368931ca5b47b7a689742f6ff2
SHA256: e8d0e23d5aa07643065509a781685239885b04a3d39d78aa537e3dc3ae5075a2
SHA512: 6009df48809ce21225cf08565184ee6656d2cea59c306317f0c121310630e4b8f904f90c9328458c50885dde3c6d3848112784dcfa6b637a041c99d64a6f9166
SSDEEP: 3072:l5SVkkgUgXC7AdYzrV+Dljy/32ubwZ/qJ:SUFCkdYzrVolu/J0Z/
Static task
static1
Behavioral task
behavioral1
Sample
e8d0e23d5aa07643065509a781685239885b04a3d39d78aa537e3dc3ae5075a2.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e8d0e23d5aa07643065509a781685239885b04a3d39d78aa537e3dc3ae5075a2.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target: e8d0e23d5aa07643065509a781685239885b04a3d39d78aa537e3dc3ae5075a2
Score: 9/10
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext