General
-
Target
1d0f660959abdd07b7f4002a77e2c33424513fb47fbad7be27f24ee689644c21
-
Size
339KB
-
Sample
221123-xpff6sae91
-
MD5
539c64d71bc9395464850b6183ef641a
-
SHA1
c09da93b232d660f3d7554a257fefdc8be4678de
-
SHA256
1d0f660959abdd07b7f4002a77e2c33424513fb47fbad7be27f24ee689644c21
-
SHA512
b3158d308916e4dbbeeb9019faff7790c2630a95e69f898d5f3ff0ef021750130e681f26c5acd29914abf9b06732785d3f8518e42623d137b707e5c21cbd2005
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DER4eQwbpDCw1p3vmLvsZIaVwiwDcIbDO:gDCwfG1bnxLERR7DCwfG1bnxLERR3
Malware Config
Targets
-
-
Target
1d0f660959abdd07b7f4002a77e2c33424513fb47fbad7be27f24ee689644c21
-
Size
339KB
-
MD5
539c64d71bc9395464850b6183ef641a
-
SHA1
c09da93b232d660f3d7554a257fefdc8be4678de
-
SHA256
1d0f660959abdd07b7f4002a77e2c33424513fb47fbad7be27f24ee689644c21
-
SHA512
b3158d308916e4dbbeeb9019faff7790c2630a95e69f898d5f3ff0ef021750130e681f26c5acd29914abf9b06732785d3f8518e42623d137b707e5c21cbd2005
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/DER4eQwbpDCw1p3vmLvsZIaVwiwDcIbDO:gDCwfG1bnxLERR7DCwfG1bnxLERR3
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-