General
-
Target
70d8028c7fb7f4869f230c8500e365d3fd6c58680fa7ba75301b67e7ca165a25
-
Size
197KB
-
Sample
221001-ycpdzscfe2
-
MD5
026825d6577dfca36280f80dd7372df6
-
SHA1
ce903d9bf1a1876085b3cfe91bfd0e5c89f3f37a
-
SHA256
70d8028c7fb7f4869f230c8500e365d3fd6c58680fa7ba75301b67e7ca165a25
-
SHA512
3a81153ddc4351d8f3184d481d49cfba43e025b960c2161df89365caa4d7d50f037b12bfce10bea5e49fb04df773f22268000f6656b407a9501e0e863ced5db1
-
SSDEEP
3072:BYB9YVPX3upd1qnAEzYds7E7/dThEgFJugbg:BaUX+pd1bEz2s7ETRhEgFJJ
Malware Config
Targets
-
-
Target
70d8028c7fb7f4869f230c8500e365d3fd6c58680fa7ba75301b67e7ca165a25
-
Size
197KB
-
MD5
026825d6577dfca36280f80dd7372df6
-
SHA1
ce903d9bf1a1876085b3cfe91bfd0e5c89f3f37a
-
SHA256
70d8028c7fb7f4869f230c8500e365d3fd6c58680fa7ba75301b67e7ca165a25
-
SHA512
3a81153ddc4351d8f3184d481d49cfba43e025b960c2161df89365caa4d7d50f037b12bfce10bea5e49fb04df773f22268000f6656b407a9501e0e863ced5db1
-
SSDEEP
3072:BYB9YVPX3upd1qnAEzYds7E7/dThEgFJugbg:BaUX+pd1bEz2s7ETRhEgFJJ
Score8/10-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-