General
-
Target
affb2aee89f4d58703f47e3487a601593ea66b3f71ffc332db7e2e3ee770bcd4
-
Size
5.7MB
-
Sample
221123-njp9raha54
-
MD5
3f337a868867583c37e004dbef1cc3fc
-
SHA1
75ccca59196d0c68ccbcf71060b01282d22c1531
-
SHA256
affb2aee89f4d58703f47e3487a601593ea66b3f71ffc332db7e2e3ee770bcd4
-
SHA512
8767e1731d1fa14f46804d1d514a40c11a256d6ddc91b757edddec923c4cb78108469adab7272928b1fb2a5098201dd5c62bdc11cb3923d0e725d9e7c0239d08
-
SSDEEP
98304:RL+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95czI:l89J/ANzywiJlgQNUJ2BTDYiqcAViVws
Malware Config
Targets
-
-
Target
affb2aee89f4d58703f47e3487a601593ea66b3f71ffc332db7e2e3ee770bcd4
-
Size
5.7MB
-
MD5
3f337a868867583c37e004dbef1cc3fc
-
SHA1
75ccca59196d0c68ccbcf71060b01282d22c1531
-
SHA256
affb2aee89f4d58703f47e3487a601593ea66b3f71ffc332db7e2e3ee770bcd4
-
SHA512
8767e1731d1fa14f46804d1d514a40c11a256d6ddc91b757edddec923c4cb78108469adab7272928b1fb2a5098201dd5c62bdc11cb3923d0e725d9e7c0239d08
-
SSDEEP
98304:RL+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95czI:l89J/ANzywiJlgQNUJ2BTDYiqcAViVws
Score8/10-
Executes dropped EXE
-
Modifies AppInit DLL entries
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-