General
-
Target
9582180cbf98031830a01e930edf7afd2310b300c3aa8f23f4e7af4083e9ba50
-
Size
1008KB
-
Sample
210508-wtekhepaf2
-
MD5
01cbb89115b29a90c1c0aa7dc59e9bd8
-
SHA1
55be68a696d07e9d9b081291ea0985dd6b170ee7
-
SHA256
9582180cbf98031830a01e930edf7afd2310b300c3aa8f23f4e7af4083e9ba50
-
SHA512
394bee45120025b4d0670e78886c17aa825b1409600a04e9efda838fb43491f219f98376efd34a1962c5e4403a09a0da97c670851fbd08eb25b6c22393703a4b
Malware Config
Targets
-
-
Target
9582180cbf98031830a01e930edf7afd2310b300c3aa8f23f4e7af4083e9ba50
-
Size
1008KB
-
MD5
01cbb89115b29a90c1c0aa7dc59e9bd8
-
SHA1
55be68a696d07e9d9b081291ea0985dd6b170ee7
-
SHA256
9582180cbf98031830a01e930edf7afd2310b300c3aa8f23f4e7af4083e9ba50
-
SHA512
394bee45120025b4d0670e78886c17aa825b1409600a04e9efda838fb43491f219f98376efd34a1962c5e4403a09a0da97c670851fbd08eb25b6c22393703a4b
Score8/10-
Executes dropped EXE
-
Suspicious Office macro
Office document equipped with macros.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-