General
-
Target
48734ef4a1bbe93dde3fd16ca5f38a2493795b1b504a4590bfc262f31cab6dcb
-
Size
683KB
-
Sample
221124-nztxwabg82
-
MD5
76b0bb199c1d86fb73e344c4e0e17294
-
SHA1
2c5f4ddf74827ddd40a1735df1f2e35e72d2de2f
-
SHA256
48734ef4a1bbe93dde3fd16ca5f38a2493795b1b504a4590bfc262f31cab6dcb
-
SHA512
5c29272743a9673f2be1908604bdb0eb251b1e1c11d12263351d32dd434b9eed377479e88245658033f1902ce8c03b1fd224e1e377cbca3e0f47ed2fe83d2182
-
SSDEEP
12288:M/aUsuYachgVK4wc7FUHUAFp+DHvMsvVRIwjiSuv2K6P1XrMfrvNoYTbnom5fEV:WaUxvxK4w37p+DR4wluv2bxSVBXom5s
Malware Config
Targets
-
-
Target
48734ef4a1bbe93dde3fd16ca5f38a2493795b1b504a4590bfc262f31cab6dcb
-
Size
683KB
-
MD5
76b0bb199c1d86fb73e344c4e0e17294
-
SHA1
2c5f4ddf74827ddd40a1735df1f2e35e72d2de2f
-
SHA256
48734ef4a1bbe93dde3fd16ca5f38a2493795b1b504a4590bfc262f31cab6dcb
-
SHA512
5c29272743a9673f2be1908604bdb0eb251b1e1c11d12263351d32dd434b9eed377479e88245658033f1902ce8c03b1fd224e1e377cbca3e0f47ed2fe83d2182
-
SSDEEP
12288:M/aUsuYachgVK4wc7FUHUAFp+DHvMsvVRIwjiSuv2K6P1XrMfrvNoYTbnom5fEV:WaUxvxK4w37p+DR4wluv2bxSVBXom5s
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-