General
-
Target
158a88c319b5f8ba129121cf4da24d8c855840aceb69dc87bded2915d6385c42
-
Size
20KB
-
Sample
221002-1559baedfj
-
MD5
6c8c4164d8c8ed4ec978e5c47d3decd0
-
SHA1
10665c984d497d5c6787e7a929fba642f39bacab
-
SHA256
158a88c319b5f8ba129121cf4da24d8c855840aceb69dc87bded2915d6385c42
-
SHA512
16019b6fabaf19510c65edeaeb16a46e19947573aa9aa7e22892370f50f0f8ee244ee5d9fd57bdc8809b405f61e986c9d33881127de14ae1e7830032316e9e0d
-
SSDEEP
192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJB7p:1M3PnQoHDCpHf4I4Qwdc0G5KDJlp
Malware Config
Targets
-
-
Target
158a88c319b5f8ba129121cf4da24d8c855840aceb69dc87bded2915d6385c42
-
Size
20KB
-
MD5
6c8c4164d8c8ed4ec978e5c47d3decd0
-
SHA1
10665c984d497d5c6787e7a929fba642f39bacab
-
SHA256
158a88c319b5f8ba129121cf4da24d8c855840aceb69dc87bded2915d6385c42
-
SHA512
16019b6fabaf19510c65edeaeb16a46e19947573aa9aa7e22892370f50f0f8ee244ee5d9fd57bdc8809b405f61e986c9d33881127de14ae1e7830032316e9e0d
-
SSDEEP
192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJB7p:1M3PnQoHDCpHf4I4Qwdc0G5KDJlp
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-