General
- Target: ff5735fd2989c4a287ab1224205aa5f8.bin
- Size: 4KB
- Sample: 240701-ewz52syhrj
- MD5: 9977d55bfad90644b4566eff1de944a2
- SHA1: 321f6e05709cc91c07c74d3910b0ba74d52a538a
- SHA256: f57b5ca5af9ee9af3126dc7da62143bf0bc280895e4db9cbcbc85676b9081dce
- SHA512: 6e6078e45ae5327c0387ccd443037d1c34aad7c50494c632747de60eb61d06df4e3680507acd45e07951aeb9958b5da5ab1c4a24704b4f79e35bea987a67ab6b
- SSDEEP: 96:UKsutKeMxmjPDZq7xjDtPt6yBWxr9ztLh5ZcuaCLy5Uq1UAKL:UNWKetj+xjDlt6y8RJV56CXtAO
Static task: static1
Behavioral task: behavioral1
Sample: 41d652145e82ff966b3a820b490f0fe7d3850c2916c5f4d3522536fec53017e5.exe
Resource: win7-20240419-en
Malware Config
Targets
- Target: 41d652145e82ff966b3a820b490f0fe7d3850c2916c5f4d3522536fec53017e5.exe
- Size: 11KB
- MD5: ff5735fd2989c4a287ab1224205aa5f8
- SHA1: dce12b73ab4ce77a8208f30962190defa6e7264c
- SHA256: 41d652145e82ff966b3a820b490f0fe7d3850c2916c5f4d3522536fec53017e5
- SHA512: f6a3dddfffc0277be575131299dfd8f11b91e03d7e72899a99c60e98a7eed34767114b5b0b4c1bc788547657a2a5442705bb60bc828877de06e1a7d39d6d3f60
- SSDEEP: 192:BY6CytS3WGBZC3S+4TV+G99EalsDfxOCpJx3ptpJ+fl:BY6CytS3WGBg3cTE05lsDc65Q
- Modifies security service
- Command and Scripting Interpreter: PowerShell
  Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
- Checks computer location settings
  Looks up country code configured in the registry, likely for geofencing.