General
-
Target
adf97fa5f3b97d5cfcebc1b563c8a90e4ade92d080004579073846dfa6a21630
-
Size
255KB
-
Sample
221124-ers6yagc84
-
MD5
473e9df936b3c1c90b293fe6904fe58b
-
SHA1
ce3ddad6ddd85d255606b223d86b92f46bf7e540
-
SHA256
adf97fa5f3b97d5cfcebc1b563c8a90e4ade92d080004579073846dfa6a21630
-
SHA512
7826cdc4502f15fe76432c716782bd777b775a581852eb28396cafcc039e27c7c6ba4c8bda8ce546f5a1df3aeb2b0e4389b5547d18699dbc4c3911657ef89d1c
-
SSDEEP
6144:7UnITMpSph0lMqqgWoDhujqcQQbxJhVGvkVbOcH4CIM4:7CQMY07qgWo6VVGvkVLAF
Malware Config
Targets
-
-
Target
adf97fa5f3b97d5cfcebc1b563c8a90e4ade92d080004579073846dfa6a21630
-
Size
255KB
-
MD5
473e9df936b3c1c90b293fe6904fe58b
-
SHA1
ce3ddad6ddd85d255606b223d86b92f46bf7e540
-
SHA256
adf97fa5f3b97d5cfcebc1b563c8a90e4ade92d080004579073846dfa6a21630
-
SHA512
7826cdc4502f15fe76432c716782bd777b775a581852eb28396cafcc039e27c7c6ba4c8bda8ce546f5a1df3aeb2b0e4389b5547d18699dbc4c3911657ef89d1c
-
SSDEEP
6144:7UnITMpSph0lMqqgWoDhujqcQQbxJhVGvkVbOcH4CIM4:7CQMY07qgWo6VVGvkVLAF
Score8/10-
Modifies Installed Components in the registry
-
Registers COM server for autorun
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-