General
-
Target
cde7ddad49de857b3ec3f34795e4a8c991a18f535df5e0da8a107b4e311abf7e
-
Size
10.2MB
-
Sample
210511-qqan7esnks
-
MD5
1e38cc018755dbfa12d0775c2d591675
-
SHA1
1ad7aa9bf01619a6d93e1314056f68af9d66e790
-
SHA256
cde7ddad49de857b3ec3f34795e4a8c991a18f535df5e0da8a107b4e311abf7e
-
SHA512
bdac9c005a2665d7114a70a2414f8d97d0630342700d3315232003de79bc01e521a0c97c8c9e7dc34b9b14503b6a188e79199b5ad81128a87657f5f021362dc7
Malware Config
Targets
-
-
Target
cde7ddad49de857b3ec3f34795e4a8c991a18f535df5e0da8a107b4e311abf7e
-
Size
10.2MB
-
MD5
1e38cc018755dbfa12d0775c2d591675
-
SHA1
1ad7aa9bf01619a6d93e1314056f68af9d66e790
-
SHA256
cde7ddad49de857b3ec3f34795e4a8c991a18f535df5e0da8a107b4e311abf7e
-
SHA512
bdac9c005a2665d7114a70a2414f8d97d0630342700d3315232003de79bc01e521a0c97c8c9e7dc34b9b14503b6a188e79199b5ad81128a87657f5f021362dc7
Score8/10-
Executes dropped EXE
-
Suspicious Office macro
Office document equipped with macros.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-