General
-
Target
eb6a5134e9c4cd0a9e070a068db11175c0acb12c06da596c94dbff881ebf21bc
-
Size
216KB
-
Sample
221011-fe484sfae7
-
MD5
60152077e885f56d9c6ff17f5c88fb20
-
SHA1
d5fa9af8a4464a1c19c082c22f28bedd2bd1109a
-
SHA256
eb6a5134e9c4cd0a9e070a068db11175c0acb12c06da596c94dbff881ebf21bc
-
SHA512
1d69a1fd1f832f023c892fd3cd9ed2f8b27d14f03134c5189a1d4f18d605157db33bf68f0023227b549fd5831e414ba816ef8c2c1282d865c4841e3c6ba033eb
-
SSDEEP
3072:rHC+gtINQtPEwAfe1zJNgmFmPMzGxIl+hRUk/InZ2oK:riW6tswAfe1zJGOm/IoRUkAZC
Static task
static1
Behavioral task
behavioral1
Sample
eb6a5134e9c4cd0a9e070a068db11175c0acb12c06da596c94dbff881ebf21bc.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
eb6a5134e9c4cd0a9e070a068db11175c0acb12c06da596c94dbff881ebf21bc.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
eb6a5134e9c4cd0a9e070a068db11175c0acb12c06da596c94dbff881ebf21bc
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-