General
-
Target
df5b3d584402d88d19ff0dcd3ed1879c51d640bbf0eb6f38368322640ecfb452
-
Size
717KB
-
Sample
221123-lmyn7afb8y
-
MD5
9fe8f0d5bd98fd5b7eaddece52c99972
-
SHA1
5134ea4a5494bed1184f34e7586f950e8c958855
-
SHA256
df5b3d584402d88d19ff0dcd3ed1879c51d640bbf0eb6f38368322640ecfb452
-
SHA512
33536e5bebfc5240031ac362e1a9ce47ade064c4d5057b156e805a8a1266586a37ea46e06929b0ea65837c3cce3af9d117f81693d9a8884aceea5cf55f55117e
-
SSDEEP
6144:BEhzURIw1IHVseT2hUFj8Xvqpj1i3KWF1iGqBhel3uq8CJVU7Q1pFknM+VWxASBb:fmHy+Fj8XvZZUazkM4WxAYIQG7IIA
Static task
static1
Behavioral task
behavioral1
Sample
df5b3d584402d88d19ff0dcd3ed1879c51d640bbf0eb6f38368322640ecfb452.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
df5b3d584402d88d19ff0dcd3ed1879c51d640bbf0eb6f38368322640ecfb452.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
df5b3d584402d88d19ff0dcd3ed1879c51d640bbf0eb6f38368322640ecfb452
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-