General
-
Target
35424f2a7588880cd318c667729b0217fa8ae592accef251b9713a396ed653a2
-
Size
935KB
-
Sample
221124-j268rsdf2s
-
MD5
499f9f1ef96f7ceaff8822a219e2d721
-
SHA1
a653e05a45f9f47651af89e34b1f856dbde82820
-
SHA256
35424f2a7588880cd318c667729b0217fa8ae592accef251b9713a396ed653a2
-
SHA512
d0e1aab02508455afb453feb0e9e940d107951e4de30a27c00b12c188d0446b34adf985310822e46d6a5b625930881cc7750c66876e96d30f818ffd3c098e5f5
-
SSDEEP
12288:ELnhM2vZsZ2NDSgB/ZVL5WxewJB6LOgPe2ubegiUAyNiRnj17+o7QLZrvXxNcs:E6WZsgVSqxVLEewn6PPSribR7+hNTXB
Malware Config
Targets
-
-
Target
35424f2a7588880cd318c667729b0217fa8ae592accef251b9713a396ed653a2
-
Size
935KB
-
MD5
499f9f1ef96f7ceaff8822a219e2d721
-
SHA1
a653e05a45f9f47651af89e34b1f856dbde82820
-
SHA256
35424f2a7588880cd318c667729b0217fa8ae592accef251b9713a396ed653a2
-
SHA512
d0e1aab02508455afb453feb0e9e940d107951e4de30a27c00b12c188d0446b34adf985310822e46d6a5b625930881cc7750c66876e96d30f818ffd3c098e5f5
-
SSDEEP
12288:ELnhM2vZsZ2NDSgB/ZVL5WxewJB6LOgPe2ubegiUAyNiRnj17+o7QLZrvXxNcs:E6WZsgVSqxVLEewn6PPSribR7+hNTXB
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-