General
Target: ff25ff7b8b80412ed64551e921d83b2fa0e553a7fc89769695364df9f579eb58
Size: 416KB
Sample: 221011-fe6f6sfae8
MD5: 04c27cb013b9276d731d107cf13569d1
SHA1: d7f2dd7403613d44195d19c6b7c6e7d6db91c757
SHA256: ff25ff7b8b80412ed64551e921d83b2fa0e553a7fc89769695364df9f579eb58
SHA512: 93e6c251f8e9af1d956566e2637746ae9577e87933ca53033ae0c35696a903fd5570e427e937f1d410267dc150ccc465f0ae2c195fd95bfd3373ec3fd0ddda8c
SSDEEP: 12288:yDLOhQiq/baOtDO5k+XWsJQrrUmhiK2thyHRU:yDuQiqjklWhiTyHRU
Static task: static1
Behavioral task: behavioral1
Sample: ff25ff7b8b80412ed64551e921d83b2fa0e553a7fc89769695364df9f579eb58.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: ff25ff7b8b80412ed64551e921d83b2fa0e553a7fc89769695364df9f579eb58.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: ff25ff7b8b80412ed64551e921d83b2fa0e553a7fc89769695364df9f579eb58
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Drops desktop.ini file(s)
Suspicious use of SetThreadContext