General
-
Target
4d4784c79d8357a90fca31af559f456a86e6068e48550d809fccc8916a76577b
-
Size
132KB
-
Sample
221107-qfr1aabdcl
-
MD5
0de28809c8c679fba289727eb9a51903
-
SHA1
62475c14f064f826380a6951c96f5cff3f026135
-
SHA256
4d4784c79d8357a90fca31af559f456a86e6068e48550d809fccc8916a76577b
-
SHA512
279e8c0839568af24357fc9437eeba0e5ca2c9a4f2d566e0cf7628a2b5268983122c94e0db2dd76d4980a703f643b134025d643931b087c8c347237973b4a40e
-
SSDEEP
768://raHM782f9rvs2Zg5nicskQzTGfxgzh3emu4v/eB4z7VP7LdGSu2HyTAzfMgTA1://roM7ZJfUQWgY54v
Malware Config
Targets
-
-
Target
4d4784c79d8357a90fca31af559f456a86e6068e48550d809fccc8916a76577b
-
Size
132KB
-
MD5
0de28809c8c679fba289727eb9a51903
-
SHA1
62475c14f064f826380a6951c96f5cff3f026135
-
SHA256
4d4784c79d8357a90fca31af559f456a86e6068e48550d809fccc8916a76577b
-
SHA512
279e8c0839568af24357fc9437eeba0e5ca2c9a4f2d566e0cf7628a2b5268983122c94e0db2dd76d4980a703f643b134025d643931b087c8c347237973b4a40e
-
SSDEEP
768://raHM782f9rvs2Zg5nicskQzTGfxgzh3emu4v/eB4z7VP7LdGSu2HyTAzfMgTA1://roM7ZJfUQWgY54v
Score10/10-
Modifies visibility of file extensions in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-