General
-
Target
4311d241ffb8fb1333493821f8115f9c0bbf53f878a385c950d08200310ee8a9
-
Size
1.8MB
-
Sample
221107-cd8y5accf2
-
MD5
0e597757a5259b33b39b352382ce895a
-
SHA1
febeb4884830916a098a176a4808018edd2ab120
-
SHA256
4311d241ffb8fb1333493821f8115f9c0bbf53f878a385c950d08200310ee8a9
-
SHA512
781f4b969e31ab8e646482f794084a59ce6686a6538c5190e7cb31e4b3ab04c6cf8dbe463f6d3b5ef5319e7ee78dc102f48231eb63d7b4b5fa977e67ffd59178
-
SSDEEP
49152:Ht1qFbTChxKCnFnQXBbrtgb/iQvu0UHOaV2:HrqF6hxvWbrtUTrUHO02
Malware Config
Targets
-
-
Target
4311d241ffb8fb1333493821f8115f9c0bbf53f878a385c950d08200310ee8a9
-
Size
1.8MB
-
MD5
0e597757a5259b33b39b352382ce895a
-
SHA1
febeb4884830916a098a176a4808018edd2ab120
-
SHA256
4311d241ffb8fb1333493821f8115f9c0bbf53f878a385c950d08200310ee8a9
-
SHA512
781f4b969e31ab8e646482f794084a59ce6686a6538c5190e7cb31e4b3ab04c6cf8dbe463f6d3b5ef5319e7ee78dc102f48231eb63d7b4b5fa977e67ffd59178
-
SSDEEP
49152:Ht1qFbTChxKCnFnQXBbrtgb/iQvu0UHOaV2:HrqF6hxvWbrtUTrUHO02
Score8/10-
Executes dropped EXE
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Drops file in System32 directory
-