General
-
Target
49d8995d916d70954f10342a02df7615946cf813fed31134ce40bfd43637261d
-
Size
222KB
-
Sample
221107-wz5clsbff5
-
MD5
02a69354c57dbbc3c39cc463efff5b5a
-
SHA1
b00657df7a66d3d344a023a725bff6908b8ce784
-
SHA256
49d8995d916d70954f10342a02df7615946cf813fed31134ce40bfd43637261d
-
SHA512
b6bf45607c5f9b68f3f546a516e8a551f7bbe27bc4e60261b8d972a580e7a34ab6e97f675ea26ac985627d51cd1f75c203a0ba7807bd2110922f329b0c8e3cee
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DER4eQaYG:gDCwfG1bnxLERRNYG
Malware Config
Targets
-
-
Target
49d8995d916d70954f10342a02df7615946cf813fed31134ce40bfd43637261d
-
Size
222KB
-
MD5
02a69354c57dbbc3c39cc463efff5b5a
-
SHA1
b00657df7a66d3d344a023a725bff6908b8ce784
-
SHA256
49d8995d916d70954f10342a02df7615946cf813fed31134ce40bfd43637261d
-
SHA512
b6bf45607c5f9b68f3f546a516e8a551f7bbe27bc4e60261b8d972a580e7a34ab6e97f675ea26ac985627d51cd1f75c203a0ba7807bd2110922f329b0c8e3cee
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DER4eQaYG:gDCwfG1bnxLERRNYG
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-