General
-
Target
96a271a1a1e84c79445a86bb14104ccb7befb638d7acc6568b8ca194108c7dc5
-
Size
280KB
-
Sample
221124-anxbzaab3w
-
MD5
00b2e7de93cf2ed6cf3256a13abee590
-
SHA1
6085dc5a474eb0f2227f087229254e18e463124b
-
SHA256
96a271a1a1e84c79445a86bb14104ccb7befb638d7acc6568b8ca194108c7dc5
-
SHA512
ab3df3f6e6bd2b97bfaf8b1945870a91ee06eb39ccd9e7c62dfdd0a7dca897b33e1370bc9c840219bd5af949080f64de93119df59838fedab6b561774fb23784
-
SSDEEP
6144:xukxmeVgmMShs16HVX1dnzPSozcvOdJgBCq1sT7CqEE9Xmjl5ZXRC6sZnG:xukxmeVgmlzCOdJgBjsT7CqE5C64nG
Static task
static1
Behavioral task
behavioral1
Sample
96a271a1a1e84c79445a86bb14104ccb7befb638d7acc6568b8ca194108c7dc5.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
96a271a1a1e84c79445a86bb14104ccb7befb638d7acc6568b8ca194108c7dc5.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
96a271a1a1e84c79445a86bb14104ccb7befb638d7acc6568b8ca194108c7dc5
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-