General
-
Target
3ab2e15255e0fa57aecb0571a657dc175a22a42177d09edd4440bd87bcf40a0e
-
Size
135KB
-
Sample
240706-bsh6ksthjd
-
MD5
98447d515c145376ed8ad08e2f87f475
-
SHA1
d28f575109ae41d1009f18d8c064de7c8bc814a4
-
SHA256
3ab2e15255e0fa57aecb0571a657dc175a22a42177d09edd4440bd87bcf40a0e
-
SHA512
4da9577717a335dc46bd35bcc27b005c0eef30a67722763f5952a00c1bb147503f2706567e0de056703a735756defb52d30be7a5a7cf98d8bfa8cefa112d4a0e
-
SSDEEP
3072:Q2YinshBEali5qCmS86e/06TdDQI1X657KlSmVkn5XXP:Q2YRaaZzS8v06Th657KPkn1XP
Static task
static1
Behavioral task
behavioral1
Sample
e4fcf1f6b71043e7c7c32f6954a0a1972696fa1bb9b6543ead14e85626890a11.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e4fcf1f6b71043e7c7c32f6954a0a1972696fa1bb9b6543ead14e85626890a11.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
Target
e4fcf1f6b71043e7c7c32f6954a0a1972696fa1bb9b6543ead14e85626890a11.exe
-
Size
294KB
-
MD5
04c30859516960ad61fcda864c16ea84
-
SHA1
c5893f23d34826eb061cbff517843793f13b0e6a
-
SHA256
e4fcf1f6b71043e7c7c32f6954a0a1972696fa1bb9b6543ead14e85626890a11
-
SHA512
ef58cd9756f6d89b9752a6a233e388bfca9d1cb707af641ef95f04181b142e260c4c5c8e034270de35cd88cf569d81cebbcdc5af3749840436d006859cc6230c
-
SSDEEP
3072:7o7lYJHuSHgB24g54PzOOqJYGk6/uGDB0C6Z3pMJCv5Aa5OZw1Rvbq/ZU1os8rG1:U7lRw4vB890C6ZwLORvbq/uv8M
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-