General
-
Target
d8f84fa83afde4bb2eda8581d9f7200c415ab2f6d6efbb89fa4be8780621d7bd
-
Size
722KB
-
Sample
221002-y7eg9shdh2
-
MD5
45ac0083d2df7cec418fe6c3e3f68699
-
SHA1
4addd4cb0485f421da00e5a1bb878a006230d9a0
-
SHA256
d8f84fa83afde4bb2eda8581d9f7200c415ab2f6d6efbb89fa4be8780621d7bd
-
SHA512
0eedee5d505d33ef92772d53b72a07ac81535e75b7da6d8cd6cd024a684de750f8f0ff51a16ab90674ca2e6983e79d16c94b24d1a86721a9149231ddacd04b03
-
SSDEEP
12288:rj9l69ZU++3jUOIcr1MFNXJU6m6cmTDyhifHW8NUnVuv:rDsOIcrMXPzK8NUnVS
Malware Config
Targets
-
-
Target
d8f84fa83afde4bb2eda8581d9f7200c415ab2f6d6efbb89fa4be8780621d7bd
-
Size
722KB
-
MD5
45ac0083d2df7cec418fe6c3e3f68699
-
SHA1
4addd4cb0485f421da00e5a1bb878a006230d9a0
-
SHA256
d8f84fa83afde4bb2eda8581d9f7200c415ab2f6d6efbb89fa4be8780621d7bd
-
SHA512
0eedee5d505d33ef92772d53b72a07ac81535e75b7da6d8cd6cd024a684de750f8f0ff51a16ab90674ca2e6983e79d16c94b24d1a86721a9149231ddacd04b03
-
SSDEEP
12288:rj9l69ZU++3jUOIcr1MFNXJU6m6cmTDyhifHW8NUnVuv:rDsOIcrMXPzK8NUnVS
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-