General
-
Target
7e48a2f2231593640d5659851dad095edf15e19c24dbe1e29297ddc52fcf8f2b
-
Size
212KB
-
Sample
221020-dt4j1sbhg4
-
MD5
52aa68a076b089ea3570b00f1891e4a4
-
SHA1
430e28c1452084e41954d3a7c3d2b3b9642df4bb
-
SHA256
7e48a2f2231593640d5659851dad095edf15e19c24dbe1e29297ddc52fcf8f2b
-
SHA512
676773c2b4a6228cfb1e056c969ef7a7f8ef7b214bc777912ddc85138b847d55c808cbcb7811ab72547f58dd141f6644e7f6b34282dbc0b592e1caaa151a36bb
-
SSDEEP
3072:ZQExuz37QQK2PFuCNZ1z4FtP7qM98mORblMMIVBri4hDjKNhLf9TOaB4:VxuzthbZAOM98tp4vrLpGN1f9Oa2
Malware Config
Targets
-
-
Target
7e48a2f2231593640d5659851dad095edf15e19c24dbe1e29297ddc52fcf8f2b
-
Size
212KB
-
MD5
52aa68a076b089ea3570b00f1891e4a4
-
SHA1
430e28c1452084e41954d3a7c3d2b3b9642df4bb
-
SHA256
7e48a2f2231593640d5659851dad095edf15e19c24dbe1e29297ddc52fcf8f2b
-
SHA512
676773c2b4a6228cfb1e056c969ef7a7f8ef7b214bc777912ddc85138b847d55c808cbcb7811ab72547f58dd141f6644e7f6b34282dbc0b592e1caaa151a36bb
-
SSDEEP
3072:ZQExuz37QQK2PFuCNZ1z4FtP7qM98mORblMMIVBri4hDjKNhLf9TOaB4:VxuzthbZAOM98tp4vrLpGN1f9Oa2
Score10/10-
Modifies WinLogon for persistence
-
UAC bypass
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-