General
-
Target
6d8c1a3eb21978923f5c7197e79bc517f636718825c689404bd3bd59eb81c636
-
Size
43KB
-
Sample
221020-tp3d6acggp
-
MD5
900ff5e0e1e6be4ac73581243a97f2d0
-
SHA1
271f6490b17fc226911ceec7c18c09a284b86e3c
-
SHA256
6d8c1a3eb21978923f5c7197e79bc517f636718825c689404bd3bd59eb81c636
-
SHA512
65ededeacbe48c0ce640afc32e7f0b97ffcc4533aef0ea1d249e83a99abbc4c36e8c398da4a3f45bbb893bed8f64cb7d2e91332951a18ac7010c44e7565104c7
-
SSDEEP
768:oekLl8HJJy/SLuEfTrJ9VTh62GB561P6HVjHzMqvtZ1ufMx1ea1tLN0zU0HCCjPx:iYV9bGpfZZh1tL+HCCrkF
Malware Config
Targets
-
-
Target
6d8c1a3eb21978923f5c7197e79bc517f636718825c689404bd3bd59eb81c636
-
Size
43KB
-
MD5
900ff5e0e1e6be4ac73581243a97f2d0
-
SHA1
271f6490b17fc226911ceec7c18c09a284b86e3c
-
SHA256
6d8c1a3eb21978923f5c7197e79bc517f636718825c689404bd3bd59eb81c636
-
SHA512
65ededeacbe48c0ce640afc32e7f0b97ffcc4533aef0ea1d249e83a99abbc4c36e8c398da4a3f45bbb893bed8f64cb7d2e91332951a18ac7010c44e7565104c7
-
SSDEEP
768:oekLl8HJJy/SLuEfTrJ9VTh62GB561P6HVjHzMqvtZ1ufMx1ea1tLN0zU0HCCjPx:iYV9bGpfZZh1tL+HCCrkF
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-