General
-
Target
1fb123934d4ddcaa1db22b91b1feb7b59b2db64eaeb2c7b14709f32d0c714e53
-
Size
208KB
-
Sample
221123-vt7ecach8y
-
MD5
571002a47b78ab366a2031d9c0eba7e7
-
SHA1
0b538a907be79ff578032cb1113c3c7b6d8fe837
-
SHA256
1fb123934d4ddcaa1db22b91b1feb7b59b2db64eaeb2c7b14709f32d0c714e53
-
SHA512
c5fd75a9afc5a09be642194b4a79638b968ce9fd5385f5feecb137551d8899f42a774706f547cf599e39e823b2608272404c85259809cc3ff0b2457afe684dde
-
SSDEEP
3072:zL/ErSdOKkbHtInyG2mTmGQ9AphKElqUAD:zL/ErMAbHenyGH2aKAA
Malware Config
Targets
-
-
Target
1fb123934d4ddcaa1db22b91b1feb7b59b2db64eaeb2c7b14709f32d0c714e53
-
Size
208KB
-
MD5
571002a47b78ab366a2031d9c0eba7e7
-
SHA1
0b538a907be79ff578032cb1113c3c7b6d8fe837
-
SHA256
1fb123934d4ddcaa1db22b91b1feb7b59b2db64eaeb2c7b14709f32d0c714e53
-
SHA512
c5fd75a9afc5a09be642194b4a79638b968ce9fd5385f5feecb137551d8899f42a774706f547cf599e39e823b2608272404c85259809cc3ff0b2457afe684dde
-
SSDEEP
3072:zL/ErSdOKkbHtInyG2mTmGQ9AphKElqUAD:zL/ErMAbHenyGH2aKAA
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-