General
-
Target
78c32fc455ff47d15dbec31588a059e5abdf9969be1bac80930105ad3327f44e
-
Size
246KB
-
Sample
221123-xmlv6sad9w
-
MD5
45128efe493234906ecc0d34392b87fb
-
SHA1
614cd3f781aced63f9cbfb2d1134d193d5f917ee
-
SHA256
78c32fc455ff47d15dbec31588a059e5abdf9969be1bac80930105ad3327f44e
-
SHA512
5121c218c49fb4b862ce2a0baa85d392169fdb1d09f2a7473ff171c40610b279a2dd92a51674162b36e1583d0cfa68281c67e5728613fab1b6facd61b1239bc9
-
SSDEEP
3072:DxoVC/AFLxIu1v+Xq9EzmTpjeG/9Q04Smo5HaeD91knKkaY6l6l1GLcSf:DiQAFFJB+Xq9BTpag94SFt1Qj1Gx
Malware Config
Targets
-
-
Target
78c32fc455ff47d15dbec31588a059e5abdf9969be1bac80930105ad3327f44e
-
Size
246KB
-
MD5
45128efe493234906ecc0d34392b87fb
-
SHA1
614cd3f781aced63f9cbfb2d1134d193d5f917ee
-
SHA256
78c32fc455ff47d15dbec31588a059e5abdf9969be1bac80930105ad3327f44e
-
SHA512
5121c218c49fb4b862ce2a0baa85d392169fdb1d09f2a7473ff171c40610b279a2dd92a51674162b36e1583d0cfa68281c67e5728613fab1b6facd61b1239bc9
-
SSDEEP
3072:DxoVC/AFLxIu1v+Xq9EzmTpjeG/9Q04Smo5HaeD91knKkaY6l6l1GLcSf:DiQAFFJB+Xq9BTpag94SFt1Qj1Gx
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-