General
-
Target
8271b0053bcb990e4635ff9adb11bd55d1b03daf69c710c0fb6b2c0435f84966
-
Size
4.9MB
-
Sample
221124-ah77aahg5y
-
MD5
f7943a827363ab4417b44a5f5a34d84b
-
SHA1
fb526dce59670014f3d494c451fe87398b27d2bb
-
SHA256
8271b0053bcb990e4635ff9adb11bd55d1b03daf69c710c0fb6b2c0435f84966
-
SHA512
7d4b1ad14f7a07178dd623b8cc11707c4032279e6b735b11130e1dd34b508082836c920e144c191ebb1c8574122af40b3e29a519d69a6027e220d25db6e1c19d
-
SSDEEP
98304:AZ4FLxsKhGwrB46QdU0OfAiogNh78zVcnsisWHgpj2aiSgb1tt5:Qy13G246Qa0S3oKZ+cYWoj2vS611
Malware Config
Targets
-
-
Target
8271b0053bcb990e4635ff9adb11bd55d1b03daf69c710c0fb6b2c0435f84966
-
Size
4.9MB
-
MD5
f7943a827363ab4417b44a5f5a34d84b
-
SHA1
fb526dce59670014f3d494c451fe87398b27d2bb
-
SHA256
8271b0053bcb990e4635ff9adb11bd55d1b03daf69c710c0fb6b2c0435f84966
-
SHA512
7d4b1ad14f7a07178dd623b8cc11707c4032279e6b735b11130e1dd34b508082836c920e144c191ebb1c8574122af40b3e29a519d69a6027e220d25db6e1c19d
-
SSDEEP
98304:AZ4FLxsKhGwrB46QdU0OfAiogNh78zVcnsisWHgpj2aiSgb1tt5:Qy13G246Qa0S3oKZ+cYWoj2vS611
Score8/10-
Executes dropped EXE
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-