General
-
Target
a5fc4f132a408a208992ed62130550fe1f9fc8054044a4bff9a450e43331c032
-
Size
24KB
-
Sample
221030-gw5rmsfbb8
-
MD5
586c6708aac7f4dc983268deb51e7f64
-
SHA1
c7961a0ef8c06e72188bb890f84f9b50ee09bb72
-
SHA256
a5fc4f132a408a208992ed62130550fe1f9fc8054044a4bff9a450e43331c032
-
SHA512
ca0864e655cdadd5a3be820bcc25527f2d2b1eedffa0a2a76a0b5eadc642ac74ad5891a60588767ef06d9611be8c1cd781af41c983388421f1b3a1f97796a80a
-
SSDEEP
384:1M3PnQoHDCpHf4I4Qwdc0G5KDJSY5rp4DB3mvUz3Lba:1m/QojCpHfx0SY5rp4d3mMz3L+
Malware Config
Targets
-
-
Target
a5fc4f132a408a208992ed62130550fe1f9fc8054044a4bff9a450e43331c032
-
Size
24KB
-
MD5
586c6708aac7f4dc983268deb51e7f64
-
SHA1
c7961a0ef8c06e72188bb890f84f9b50ee09bb72
-
SHA256
a5fc4f132a408a208992ed62130550fe1f9fc8054044a4bff9a450e43331c032
-
SHA512
ca0864e655cdadd5a3be820bcc25527f2d2b1eedffa0a2a76a0b5eadc642ac74ad5891a60588767ef06d9611be8c1cd781af41c983388421f1b3a1f97796a80a
-
SSDEEP
384:1M3PnQoHDCpHf4I4Qwdc0G5KDJSY5rp4DB3mvUz3Lba:1m/QojCpHfx0SY5rp4d3mMz3L+
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-