General
-
Target
c3e2dca987254de170e9264d025b7c2ba5ddb55c42d8bc9e60df7d1ba8a29a23
-
Size
224KB
-
Sample
221124-anwqfaeh86
-
MD5
188c9e53f1d790ba59bf6e8137a66250
-
SHA1
b7f419825e2e644872136669c255dc4c37240a8f
-
SHA256
c3e2dca987254de170e9264d025b7c2ba5ddb55c42d8bc9e60df7d1ba8a29a23
-
SHA512
0a76837a9d2b776c84a6283a0e4b3aac53e4a4f34b03414c9f97e8f348f7499dea15bd4d3191a768b2a568d50b03ba9265ec6dfb5b8b43e5de9939bda83648dd
-
SSDEEP
3072:It505l9tXkLcAVvvxPhS7i1iCwTr3xeT8eqtrz3Af+BOYgsI:l9t0gAVnNhqi1iCWrheYe8
Malware Config
Targets
-
-
Target
c3e2dca987254de170e9264d025b7c2ba5ddb55c42d8bc9e60df7d1ba8a29a23
-
Size
224KB
-
MD5
188c9e53f1d790ba59bf6e8137a66250
-
SHA1
b7f419825e2e644872136669c255dc4c37240a8f
-
SHA256
c3e2dca987254de170e9264d025b7c2ba5ddb55c42d8bc9e60df7d1ba8a29a23
-
SHA512
0a76837a9d2b776c84a6283a0e4b3aac53e4a4f34b03414c9f97e8f348f7499dea15bd4d3191a768b2a568d50b03ba9265ec6dfb5b8b43e5de9939bda83648dd
-
SSDEEP
3072:It505l9tXkLcAVvvxPhS7i1iCwTr3xeT8eqtrz3Af+BOYgsI:l9t0gAVnNhqi1iCWrheYe8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-