General
-
Target
150b26905bcdc895fd6137734cd54d88f09d8e0465cf05f0c68f8be85ac4f47d
-
Size
308KB
-
Sample
221124-an98tsfa24
-
MD5
06cce00d8c251522188138493a198270
-
SHA1
12c92067f53af07d94f0f98082cf0e9c13a2e988
-
SHA256
150b26905bcdc895fd6137734cd54d88f09d8e0465cf05f0c68f8be85ac4f47d
-
SHA512
f08cb8fd3c4804a91d8093bb401d3347505fd6db1f0fc9c47aab45cc8fd8b41bbbfe26fdf3504fb307b56de472216b0d5b391ffab9df65dd903ba7dd17109eb0
-
SSDEEP
3072:J3BE7ckeKkAhDQMXR/zJv4OjZe4gZTUHwkK8hmDA4dCuh8PMAGLNVVgiIMU3BDn2:FCeMzXR/zjjZe4owHe8hAAKX8PgNph
Malware Config
Targets
-
-
Target
150b26905bcdc895fd6137734cd54d88f09d8e0465cf05f0c68f8be85ac4f47d
-
Size
308KB
-
MD5
06cce00d8c251522188138493a198270
-
SHA1
12c92067f53af07d94f0f98082cf0e9c13a2e988
-
SHA256
150b26905bcdc895fd6137734cd54d88f09d8e0465cf05f0c68f8be85ac4f47d
-
SHA512
f08cb8fd3c4804a91d8093bb401d3347505fd6db1f0fc9c47aab45cc8fd8b41bbbfe26fdf3504fb307b56de472216b0d5b391ffab9df65dd903ba7dd17109eb0
-
SSDEEP
3072:J3BE7ckeKkAhDQMXR/zJv4OjZe4gZTUHwkK8hmDA4dCuh8PMAGLNVVgiIMU3BDn2:FCeMzXR/zjjZe4owHe8hAAKX8PgNph
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-