General
Target: de073e05a7b5eea15330bef5ad778750584908f5cc8cc80a6a9ee68442da8370
Size: 308KB
Sample: 221124-an9masab41
MD5: 1f546ffdebfbd9d3a694437a3bc03f40
SHA1: 313a687a522119cb02c93f87f8b8aba1ded062b0
SHA256: de073e05a7b5eea15330bef5ad778750584908f5cc8cc80a6a9ee68442da8370
SHA512: 57e675739905e2ff76df8b039832f592f008471d248b272655fe53002f36e36c82d2b7e5c9f31fc2cb7007689faf213e854acf3f688efaf2d71c1bc403bb28d2
SSDEEP: 3072:J3BEmcynKkAhDQMXR/zJv4OjZe4gZTUHwkK8hmDA4dCuh8PMAGLNVVgiIMU3BDkg:FCGMzXR/zjjZe4owHe8hAAKX8PgNpk
Static task: static1
Behavioral task: behavioral1
Sample: de073e05a7b5eea15330bef5ad778750584908f5cc8cc80a6a9ee68442da8370.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: de073e05a7b5eea15330bef5ad778750584908f5cc8cc80a6a9ee68442da8370.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: de073e05a7b5eea15330bef5ad778750584908f5cc8cc80a6a9ee68442da8370
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.