General
-
Target
8cbefa72904dce6ec0428e024d218ca887c7dc3485a84323eb8040f5290c131c
-
Size
256KB
-
Sample
221011-zmah9adhd8
-
MD5
6ee79f73a2f12b2dac1c95c66c16b340
-
SHA1
9c0ab559d9deeb13da3d8cf01aa586ffe4de5145
-
SHA256
8cbefa72904dce6ec0428e024d218ca887c7dc3485a84323eb8040f5290c131c
-
SHA512
1e1b54e1bf62e2c4b3107723f2050865257da2198b8740fb38f7bd870d8e6b12a4708e3ca6bb4cb7b175b327533d6112ad1af0f6bf84666b365b36c1fb90778d
-
SSDEEP
3072:WjNU55NZ5hTy/o/YRv5icYHrlSWQM6YiKyC70cEb+Rnwb1HC2eg:ANmsoNcUrtjFyC7G9
Malware Config
Targets
-
-
Target
8cbefa72904dce6ec0428e024d218ca887c7dc3485a84323eb8040f5290c131c
-
Size
256KB
-
MD5
6ee79f73a2f12b2dac1c95c66c16b340
-
SHA1
9c0ab559d9deeb13da3d8cf01aa586ffe4de5145
-
SHA256
8cbefa72904dce6ec0428e024d218ca887c7dc3485a84323eb8040f5290c131c
-
SHA512
1e1b54e1bf62e2c4b3107723f2050865257da2198b8740fb38f7bd870d8e6b12a4708e3ca6bb4cb7b175b327533d6112ad1af0f6bf84666b365b36c1fb90778d
-
SSDEEP
3072:WjNU55NZ5hTy/o/YRv5icYHrlSWQM6YiKyC70cEb+Rnwb1HC2eg:ANmsoNcUrtjFyC7G9
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-