General
-
Target
6ad1498e5c8bdb678c7d0e566d8ff04f8972582db091647effd82b6e59fff5ca
-
Size
169KB
-
Sample
221123-vna4yshe34
-
MD5
4790f5e2d604ff6548a6959eb144cab3
-
SHA1
b113e02b6765be623323ffcfc98f62ac510232d4
-
SHA256
6ad1498e5c8bdb678c7d0e566d8ff04f8972582db091647effd82b6e59fff5ca
-
SHA512
1d2d90c40515217f87a40e7bdcbb9498e92a7c0d3433432bf970f75d2e54211abbb320617fc6fe57e2e50f898fb79e678a84bbaa6cb0e9c4ba25471ce6da0d3a
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCmzy8Jmky8JI3W:gDCwfG1bnxG8M58CW
Malware Config
Targets
-
-
Target
6ad1498e5c8bdb678c7d0e566d8ff04f8972582db091647effd82b6e59fff5ca
-
Size
169KB
-
MD5
4790f5e2d604ff6548a6959eb144cab3
-
SHA1
b113e02b6765be623323ffcfc98f62ac510232d4
-
SHA256
6ad1498e5c8bdb678c7d0e566d8ff04f8972582db091647effd82b6e59fff5ca
-
SHA512
1d2d90c40515217f87a40e7bdcbb9498e92a7c0d3433432bf970f75d2e54211abbb320617fc6fe57e2e50f898fb79e678a84bbaa6cb0e9c4ba25471ce6da0d3a
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCmzy8Jmky8JI3W:gDCwfG1bnxG8M58CW
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-