General
-
Target
49b53d0bf3dbdcf44af4f5b1b4c4521e7e36239d4851b148071ece67407ffe12
-
Size
340KB
-
Sample
221106-qd2rpscgf2
-
MD5
05d44e41a59924f8f9f49a02626a50a9
-
SHA1
9f1f27c5f6311edae934d9e9abda3dbc7cdbca9c
-
SHA256
49b53d0bf3dbdcf44af4f5b1b4c4521e7e36239d4851b148071ece67407ffe12
-
SHA512
f2ab053aca3e1ee13b4677089f123e95833204ae9c9472e9dc53616314d374d57bc895b334f9cbf2d27b6e48109442e1c6e26b0fba3dbf887311a3fbb42bfa01
-
SSDEEP
6144:gDCwfG1bnxLERRh5yc8TO914s9HNeBBNlpZPIoD1rZ:g72bntELT74SPKBLWoD19
Malware Config
Targets
-
-
Target
49b53d0bf3dbdcf44af4f5b1b4c4521e7e36239d4851b148071ece67407ffe12
-
Size
340KB
-
MD5
05d44e41a59924f8f9f49a02626a50a9
-
SHA1
9f1f27c5f6311edae934d9e9abda3dbc7cdbca9c
-
SHA256
49b53d0bf3dbdcf44af4f5b1b4c4521e7e36239d4851b148071ece67407ffe12
-
SHA512
f2ab053aca3e1ee13b4677089f123e95833204ae9c9472e9dc53616314d374d57bc895b334f9cbf2d27b6e48109442e1c6e26b0fba3dbf887311a3fbb42bfa01
-
SSDEEP
6144:gDCwfG1bnxLERRh5yc8TO914s9HNeBBNlpZPIoD1rZ:g72bntELT74SPKBLWoD19
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-