General
-
Target
1ad54ca3111a2380ab63599965f7b126a0b333db00481ec9477d8cab4a825395
-
Size
147KB
-
Sample
221020-bfq1nagahm
-
MD5
a2577e19db11175d9829b668fc540f50
-
SHA1
23a1ebb25b3f8e6d9bfd8e79246ec9e60ba237b3
-
SHA256
1ad54ca3111a2380ab63599965f7b126a0b333db00481ec9477d8cab4a825395
-
SHA512
c38091f3337b87412abb494b8301395b7f0aa532feede5d8e291365116878f7154aaa36e8ca996ccc98e67be9b4528a4933235048a1a585fdecd93ce1b902694
-
SSDEEP
3072:A1n4/ylMIUS9HF2D3NrJJwIOA55XUTZWZUR0zdwyGOiVqs:py+rSFULJ3wIp55xZ9ziyEqs
Malware Config
Targets
-
-
Target
1ad54ca3111a2380ab63599965f7b126a0b333db00481ec9477d8cab4a825395
-
Size
147KB
-
MD5
a2577e19db11175d9829b668fc540f50
-
SHA1
23a1ebb25b3f8e6d9bfd8e79246ec9e60ba237b3
-
SHA256
1ad54ca3111a2380ab63599965f7b126a0b333db00481ec9477d8cab4a825395
-
SHA512
c38091f3337b87412abb494b8301395b7f0aa532feede5d8e291365116878f7154aaa36e8ca996ccc98e67be9b4528a4933235048a1a585fdecd93ce1b902694
-
SSDEEP
3072:A1n4/ylMIUS9HF2D3NrJJwIOA55XUTZWZUR0zdwyGOiVqs:py+rSFULJ3wIp55xZ9ziyEqs
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-