General
-
Target
QWERTYSPOOFERBETA.exe
-
Size
229KB
-
Sample
220925-1shbqahdgk
-
MD5
e2fe703139b0b1cc026c49957c911d0b
-
SHA1
0201076762a902103e20dedd28ca602a2fd488d6
-
SHA256
fc9200be38a286b5c8c19f697f61f1e2206a6199d29e4cf3e33f5ccfb3c70f41
-
SHA512
bc4d5e6adc79ab488664fa7667fe434dcfb37d06dee1a833ea2a7d2a0573066dfe1c1caa15c1aa2d83963f24c35b4cfdf92e219f20cf2bcc0660b977446a7170
-
SSDEEP
6144:3mRHz4mnREj2wEpxeuasEmwqr4GuuCeHncp9qFPs7:3m502xpUu8mwvvuCeH2qG
Malware Config
Targets
-
-
Target
QWERTYSPOOFERBETA.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-