General
-
Target
97dcb995e0227d6887289e66a95c3cda2c334d659f293f8c1adb744f8681c802
-
Size
717KB
-
Sample
220913-ljhhssbabk
-
MD5
a5937d1900f0414cf35f65be0210424d
-
SHA1
50d6b460562dff6d3e8a3ba11c2edd6e8a930658
-
SHA256
97dcb995e0227d6887289e66a95c3cda2c334d659f293f8c1adb744f8681c802
-
SHA512
dd1f743215dfa365e8c572b5c6a9262698c221ebd877dc39f545583e68e76efcc0f08949905464c1751407cf5ef488b05b13c8ada5a83d821de51cd32a92d36f
-
SSDEEP
768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Static task
static1
Behavioral task
behavioral1
Sample
97dcb995e0227d6887289e66a95c3cda2c334d659f293f8c1adb744f8681c802.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
97dcb995e0227d6887289e66a95c3cda2c334d659f293f8c1adb744f8681c802
-
Score
8/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-