General
-
Target
fe81b8d7b1aaed80903691cd144fd06f68196ab00ddc5495f2b0ca3fd8b81da8
-
Size
280KB
-
Sample
221030-yx1bzsghh6
-
MD5
a1793e8e8c0d6b999e21ff9f73a92340
-
SHA1
462c6ef1c9cef2090a7bcce0bc085886a6030d27
-
SHA256
fe81b8d7b1aaed80903691cd144fd06f68196ab00ddc5495f2b0ca3fd8b81da8
-
SHA512
70d17ad6ffa51f58fd8fb7b4e9c1c65b18c061e70c6fbede9479d5e15a62f323144e5e46788e25d302488de56cba4069978dd1db4f680e8fca34a9852e0e9f8c
-
SSDEEP
3072:zaqV8iHOPiu8aQb3TqDUCiGjHJDbRv9y+qwa+rZf/MthBX:beiHOq3TqD+0HBb5ta+rZ3MN
Malware Config
Targets
-
-
Target
fe81b8d7b1aaed80903691cd144fd06f68196ab00ddc5495f2b0ca3fd8b81da8
-
Size
280KB
-
MD5
a1793e8e8c0d6b999e21ff9f73a92340
-
SHA1
462c6ef1c9cef2090a7bcce0bc085886a6030d27
-
SHA256
fe81b8d7b1aaed80903691cd144fd06f68196ab00ddc5495f2b0ca3fd8b81da8
-
SHA512
70d17ad6ffa51f58fd8fb7b4e9c1c65b18c061e70c6fbede9479d5e15a62f323144e5e46788e25d302488de56cba4069978dd1db4f680e8fca34a9852e0e9f8c
-
SSDEEP
3072:zaqV8iHOPiu8aQb3TqDUCiGjHJDbRv9y+qwa+rZf/MthBX:beiHOq3TqD+0HBb5ta+rZ3MN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-