General
-
Target
13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4
-
Size
2.6MB
-
Sample
220320-h4fyxsaee6
-
MD5
7f6060451f81564336bd5d9e5c95797a
-
SHA1
70c756af084d013e703d5e1c0f561eea6cb2f781
-
SHA256
13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4
-
SHA512
c5263836ef7264e48e4166042827340244fe430b490ad41acde7fef378757731e7d3fecfe05c5d75695d32dcba7a13db86bea36366c5f4fb1e0ea3e321032abf
Malware Config
Targets
-
-
Target
13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4
-
Size
2.6MB
-
MD5
7f6060451f81564336bd5d9e5c95797a
-
SHA1
70c756af084d013e703d5e1c0f561eea6cb2f781
-
SHA256
13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4
-
SHA512
c5263836ef7264e48e4166042827340244fe430b490ad41acde7fef378757731e7d3fecfe05c5d75695d32dcba7a13db86bea36366c5f4fb1e0ea3e321032abf
Score10/10-
Registers COM server for autorun
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-