General
-
Target
5eca6fd1de7b72b0d1e011b0706e150620b393f2d96f2bc5e5d7d64042a620ae
-
Size
448KB
-
Sample
221124-gj5k4scg67
-
MD5
531850672a8a78ac34f8507934198a63
-
SHA1
e9db0948469c790ac27febaf3eed8012701054f9
-
SHA256
5eca6fd1de7b72b0d1e011b0706e150620b393f2d96f2bc5e5d7d64042a620ae
-
SHA512
adaa36c17a5c0f3c28b784476659ff27c7664b2eaa848643c10d64c95765223aeef25889d010a3785c990afc1783bdaaf14b79aa21fca88f9a2e223908d7b233
-
SSDEEP
12288:JHICZ9iSCnm8B/Hw9pVKGCs64DVdZ3+8qFXTjm2:JoC7ijwFKlVadZ3+8qNn
Malware Config
Targets
-
-
Target
5eca6fd1de7b72b0d1e011b0706e150620b393f2d96f2bc5e5d7d64042a620ae
-
Size
448KB
-
MD5
531850672a8a78ac34f8507934198a63
-
SHA1
e9db0948469c790ac27febaf3eed8012701054f9
-
SHA256
5eca6fd1de7b72b0d1e011b0706e150620b393f2d96f2bc5e5d7d64042a620ae
-
SHA512
adaa36c17a5c0f3c28b784476659ff27c7664b2eaa848643c10d64c95765223aeef25889d010a3785c990afc1783bdaaf14b79aa21fca88f9a2e223908d7b233
-
SSDEEP
12288:JHICZ9iSCnm8B/Hw9pVKGCs64DVdZ3+8qFXTjm2:JoC7ijwFKlVadZ3+8qNn
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
UAC bypass
-
Adds policy Run key to start application
-
Blocklisted process makes network request
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-