General
-
Target
e98e38795b37d041b3e6992267d1f2da24dbc2bd30eba05a7822cfbd8a0cf63c
-
Size
160KB
-
Sample
221121-3afraabb93
-
MD5
4cd17619071b48c231af3d75823f7201
-
SHA1
ae547460f19021740188c7ff1b0698db29c3a19a
-
SHA256
e98e38795b37d041b3e6992267d1f2da24dbc2bd30eba05a7822cfbd8a0cf63c
-
SHA512
6c848033d2aa13518ea009a4384b808e4f29a1b0303838e4598815053fe50731b9c78b3a7dbacbd4df0c561bc2274de735c83a35fc48f476234679c413b75339
-
SSDEEP
3072:bZcjtWGfa3dOQ9E4WV6zBPuHCDxKM2ga12bND:+jwGfqdOQ1WQ9GilDOY
Malware Config
Targets
-
-
Target
e98e38795b37d041b3e6992267d1f2da24dbc2bd30eba05a7822cfbd8a0cf63c
-
Size
160KB
-
MD5
4cd17619071b48c231af3d75823f7201
-
SHA1
ae547460f19021740188c7ff1b0698db29c3a19a
-
SHA256
e98e38795b37d041b3e6992267d1f2da24dbc2bd30eba05a7822cfbd8a0cf63c
-
SHA512
6c848033d2aa13518ea009a4384b808e4f29a1b0303838e4598815053fe50731b9c78b3a7dbacbd4df0c561bc2274de735c83a35fc48f476234679c413b75339
-
SSDEEP
3072:bZcjtWGfa3dOQ9E4WV6zBPuHCDxKM2ga12bND:+jwGfqdOQ1WQ9GilDOY
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-