General
Target: 2b388782d2ebefb51e70b2b43bc52b134f24b689173d7bfaf6a770fac8f0a527
Size: 317KB
Sample: 221123-r3a6qaac49
MD5: a90405c16367fa373b18aab4b22b38d0
SHA1: 9496270b16f4a5f48656d7bbaa8a2d18e89d9fa8
SHA256: 2b388782d2ebefb51e70b2b43bc52b134f24b689173d7bfaf6a770fac8f0a527
SHA512: d732a17f66d1e362a22233164f0c7e11257d8ec277e551ac58a3a323759094521d238414e2f4cc5efa833e00efb3ae0b79dd529e02c384db812bff29e4c18b05
SSDEEP: 6144:PEhDPFMeNxGJdxDuKiatj1j5lVjhxx2U494dcK:P47wPKVej11TdB
Static task: static1
Behavioral task: behavioral1
Sample: 2b388782d2ebefb51e70b2b43bc52b134f24b689173d7bfaf6a770fac8f0a527.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 2b388782d2ebefb51e70b2b43bc52b134f24b689173d7bfaf6a770fac8f0a527.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 2b388782d2ebefb51e70b2b43bc52b134f24b689173d7bfaf6a770fac8f0a527
Score: 8/10
Sets file execution options in registry
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Checks for any installed AV software in registry
Drops desktop.ini file(s)
Suspicious use of SetThreadContext