General
-
Target
5fa8847755628a68d020c2f6a6b90f60d75f70ea877c9bccfb86e36ca320f6fa
-
Size
224KB
-
Sample
221124-althaseg52
-
MD5
3cd72d0edeb9fa862eb0705143c16362
-
SHA1
2f8e6edfef8bb98c5db17d807abefdedb9c5bb1a
-
SHA256
5fa8847755628a68d020c2f6a6b90f60d75f70ea877c9bccfb86e36ca320f6fa
-
SHA512
ebfaa276820f596d2ad06d5d183dca796fbdd1d1361a901b437f6eedcfeeaa53fd06a2027dd82b4dfa0a2f0523bda2dab0825e8390852fce5d1843c1599e5bd7
-
SSDEEP
3072:YXyqNsMoBuBZVpl2mclbj4Uvx+8ysNOu+2eRcKksU61JkkX39RLrw4ySKUbax2+l:3qN5lp4LnbmlrZ3y
Malware Config
Targets
-
-
Target
5fa8847755628a68d020c2f6a6b90f60d75f70ea877c9bccfb86e36ca320f6fa
-
Size
224KB
-
MD5
3cd72d0edeb9fa862eb0705143c16362
-
SHA1
2f8e6edfef8bb98c5db17d807abefdedb9c5bb1a
-
SHA256
5fa8847755628a68d020c2f6a6b90f60d75f70ea877c9bccfb86e36ca320f6fa
-
SHA512
ebfaa276820f596d2ad06d5d183dca796fbdd1d1361a901b437f6eedcfeeaa53fd06a2027dd82b4dfa0a2f0523bda2dab0825e8390852fce5d1843c1599e5bd7
-
SSDEEP
3072:YXyqNsMoBuBZVpl2mclbj4Uvx+8ysNOu+2eRcKksU61JkkX39RLrw4ySKUbax2+l:3qN5lp4LnbmlrZ3y
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-