General
-
Target
ad480eacf8c11aad3d3ae274756d62d659e2d01a24097e8147d2dd3dddfd1b47
-
Size
248KB
-
Sample
221123-xlc7msfc88
-
MD5
4425041e6a5130ed4848baa117ae2c30
-
SHA1
b12df667fb3b5fc506d318ef79cf4141c4f351dd
-
SHA256
ad480eacf8c11aad3d3ae274756d62d659e2d01a24097e8147d2dd3dddfd1b47
-
SHA512
0385deb7f84e80493c273fa167c574399c3e27949b3f045268fef377c57ca4fdd37a40a0bc06608b0f5a69cd3beb96b2c39e9a9308973000445b5a6476f03c0a
-
SSDEEP
6144:2BrcmAAc2yKz3Mw0CLpqQlLyefVY3KczCTzys+OIxz6hZdOMm8+:2BI7gzh7dqk2efVY3KczCTzys+OIxz6y
Malware Config
Targets
-
-
Target
ad480eacf8c11aad3d3ae274756d62d659e2d01a24097e8147d2dd3dddfd1b47
-
Size
248KB
-
MD5
4425041e6a5130ed4848baa117ae2c30
-
SHA1
b12df667fb3b5fc506d318ef79cf4141c4f351dd
-
SHA256
ad480eacf8c11aad3d3ae274756d62d659e2d01a24097e8147d2dd3dddfd1b47
-
SHA512
0385deb7f84e80493c273fa167c574399c3e27949b3f045268fef377c57ca4fdd37a40a0bc06608b0f5a69cd3beb96b2c39e9a9308973000445b5a6476f03c0a
-
SSDEEP
6144:2BrcmAAc2yKz3Mw0CLpqQlLyefVY3KczCTzys+OIxz6hZdOMm8+:2BI7gzh7dqk2efVY3KczCTzys+OIxz6y
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-