General
-
Target
bff2bf493325119f9a575f1b1917ee01679c48b4991ca9356c33e1dccb0631bb
-
Size
216KB
-
Sample
221124-amklsaaa5s
-
MD5
2b109e310349ac6476fac279239c53e0
-
SHA1
c44a85b0d9c78035c77c6e2bf90e17dd3eba8f6a
-
SHA256
bff2bf493325119f9a575f1b1917ee01679c48b4991ca9356c33e1dccb0631bb
-
SHA512
2f33954ae7e563f55730a05ba07e30e44d7dcec40b27a6352182376173854a27870dd8879ba35f20fb91381e90c44e2f42ae1a4d4d14b16650635014707e67e4
-
SSDEEP
3072:mFvdlkZboHFGFooobAqzNOEbOKZbtpGPsLxf:mFvzNPseNmKJtpLf
Malware Config
Targets
-
-
Target
bff2bf493325119f9a575f1b1917ee01679c48b4991ca9356c33e1dccb0631bb
-
Size
216KB
-
MD5
2b109e310349ac6476fac279239c53e0
-
SHA1
c44a85b0d9c78035c77c6e2bf90e17dd3eba8f6a
-
SHA256
bff2bf493325119f9a575f1b1917ee01679c48b4991ca9356c33e1dccb0631bb
-
SHA512
2f33954ae7e563f55730a05ba07e30e44d7dcec40b27a6352182376173854a27870dd8879ba35f20fb91381e90c44e2f42ae1a4d4d14b16650635014707e67e4
-
SSDEEP
3072:mFvdlkZboHFGFooobAqzNOEbOKZbtpGPsLxf:mFvzNPseNmKJtpLf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-