General
-
Target
5d17dcf565c52b0d096fb2f0d4bbaf7969a4cb9197b8a8375e4bbaa130728b70
-
Size
481KB
-
Sample
221119-nrcnmahg39
-
MD5
5081a7e096b7afcd79149ede6c07bc20
-
SHA1
e0bfd8b43a9c4d8cbbb04a526d55fb4f7e0a70b9
-
SHA256
5d17dcf565c52b0d096fb2f0d4bbaf7969a4cb9197b8a8375e4bbaa130728b70
-
SHA512
6dd90a7f0816d34632062ac3e0ca81a0dd59c6ba4761518ab029ceb90be0c16650177e410bf03be22577a096e289eea667831c9157f2ebd4ba7e7ecb397cbd00
-
SSDEEP
6144:9UdUWr460Bi6V0BiznwZ9X4XGBQTPQkGa97S/RR/gou+ENupOljZ7P+UJwlLlvLd:IL4rnc2wZl4EGfY60ENupOrT+UYdN
Malware Config
Targets
-
-
Target
5d17dcf565c52b0d096fb2f0d4bbaf7969a4cb9197b8a8375e4bbaa130728b70
-
Size
481KB
-
MD5
5081a7e096b7afcd79149ede6c07bc20
-
SHA1
e0bfd8b43a9c4d8cbbb04a526d55fb4f7e0a70b9
-
SHA256
5d17dcf565c52b0d096fb2f0d4bbaf7969a4cb9197b8a8375e4bbaa130728b70
-
SHA512
6dd90a7f0816d34632062ac3e0ca81a0dd59c6ba4761518ab029ceb90be0c16650177e410bf03be22577a096e289eea667831c9157f2ebd4ba7e7ecb397cbd00
-
SSDEEP
6144:9UdUWr460Bi6V0BiznwZ9X4XGBQTPQkGa97S/RR/gou+ENupOljZ7P+UJwlLlvLd:IL4rnc2wZl4EGfY60ENupOrT+UYdN
Score8/10-
Suspicious Office macro
Office document equipped with macros.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-