General
-
Target
b07e2ab5bc00089f4d2f9c9c07381cd979a65802e6ddcbc27869a4a6275cccae
-
Size
554KB
-
Sample
221003-dg6tlsdce6
-
MD5
672d6fc27866ed1b169eefbd345528a2
-
SHA1
3632c923020b963e245ace4f9fd752a34c450ffc
-
SHA256
b07e2ab5bc00089f4d2f9c9c07381cd979a65802e6ddcbc27869a4a6275cccae
-
SHA512
f35def01af4527c7bfe257c6c77e89ad626503837b03b056bc626236c037767cf851532ecdaf268acbf8ccf7f19612e88715a64ce28f481cdcb0b9761032bbee
-
SSDEEP
6144:nJlQdETNux0Domh0l0WHMVGOfj2wqrpdN+sXGCJzsDzCErXW0DnBtJSqvKcysxV6:nJDTNNomKHM4y6TPBJIDzCoXW0tbNxiR
Malware Config
Targets
-
-
Target
b07e2ab5bc00089f4d2f9c9c07381cd979a65802e6ddcbc27869a4a6275cccae
-
Size
554KB
-
MD5
672d6fc27866ed1b169eefbd345528a2
-
SHA1
3632c923020b963e245ace4f9fd752a34c450ffc
-
SHA256
b07e2ab5bc00089f4d2f9c9c07381cd979a65802e6ddcbc27869a4a6275cccae
-
SHA512
f35def01af4527c7bfe257c6c77e89ad626503837b03b056bc626236c037767cf851532ecdaf268acbf8ccf7f19612e88715a64ce28f481cdcb0b9761032bbee
-
SSDEEP
6144:nJlQdETNux0Domh0l0WHMVGOfj2wqrpdN+sXGCJzsDzCErXW0DnBtJSqvKcysxV6:nJDTNNomKHM4y6TPBJIDzCoXW0tbNxiR
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-