General
-
Target
329e7805d663451b37069a6b510b321e2c3f960f37b68c768485cca7d2af8c3c
-
Size
188KB
-
Sample
221124-an81rsab4z
-
MD5
36bdf1b16cd1e8f79faf576a5c190309
-
SHA1
6327266874c35273ad5af61a13e6cb6f22ab64c1
-
SHA256
329e7805d663451b37069a6b510b321e2c3f960f37b68c768485cca7d2af8c3c
-
SHA512
6fa4637a7d246dccc6adef0f42f0aee63fa67fc471bae2e6cbb30fe54e6893e47d8ce10d628313d5a8501c831909dd5e63966386ec8e16342229f8942733fe0e
-
SSDEEP
3072:7P+I5VhHHxhbfdHKB59tCdYXnq1D5KeV:iI5VhHHxhbf9KBjYYXnU
Malware Config
Targets
-
-
Target
329e7805d663451b37069a6b510b321e2c3f960f37b68c768485cca7d2af8c3c
-
Size
188KB
-
MD5
36bdf1b16cd1e8f79faf576a5c190309
-
SHA1
6327266874c35273ad5af61a13e6cb6f22ab64c1
-
SHA256
329e7805d663451b37069a6b510b321e2c3f960f37b68c768485cca7d2af8c3c
-
SHA512
6fa4637a7d246dccc6adef0f42f0aee63fa67fc471bae2e6cbb30fe54e6893e47d8ce10d628313d5a8501c831909dd5e63966386ec8e16342229f8942733fe0e
-
SSDEEP
3072:7P+I5VhHHxhbfdHKB59tCdYXnq1D5KeV:iI5VhHHxhbf9KBjYYXnU
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-