General
-
Target
dcda67858cd9303dd32c0c979030dc0025a457e8b52f8b1c76f3c99943b9b48f
-
Size
156KB
-
Sample
221124-agcnzshf4x
-
MD5
15c6913de4b47966ef0ed7a20dc91fcf
-
SHA1
703be70c224f7b05b215d436d844009172765fc3
-
SHA256
dcda67858cd9303dd32c0c979030dc0025a457e8b52f8b1c76f3c99943b9b48f
-
SHA512
6cad428571d9a839cd0c85c7fd544aa730f7f08d2ef9c964cf9ee9a5043b690f8e902cf7290771e024a5803de407c1db75cabbded671a8a7309cc9d5859da298
-
SSDEEP
3072:gLySQYWrO0VctCPmJIHE+gRyRSIuznLstk4oQZiEap2Y:TYGPctCrEaRQLpWkpN
Malware Config
Targets
-
-
Target
dcda67858cd9303dd32c0c979030dc0025a457e8b52f8b1c76f3c99943b9b48f
-
Size
156KB
-
MD5
15c6913de4b47966ef0ed7a20dc91fcf
-
SHA1
703be70c224f7b05b215d436d844009172765fc3
-
SHA256
dcda67858cd9303dd32c0c979030dc0025a457e8b52f8b1c76f3c99943b9b48f
-
SHA512
6cad428571d9a839cd0c85c7fd544aa730f7f08d2ef9c964cf9ee9a5043b690f8e902cf7290771e024a5803de407c1db75cabbded671a8a7309cc9d5859da298
-
SSDEEP
3072:gLySQYWrO0VctCPmJIHE+gRyRSIuznLstk4oQZiEap2Y:TYGPctCrEaRQLpWkpN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-