General
-
Target
e868f0304731b9f52b0db80abcdd51f053765ff71245fa1cefdbc4ac45077658
-
Size
16.9MB
-
Sample
221124-qt3zpsga43
-
MD5
bbbe7860900bbd1ea9e6a0f6f3d63c1f
-
SHA1
c58e19db13eb003f79512d2fb2f3e2c2eb8c7084
-
SHA256
e868f0304731b9f52b0db80abcdd51f053765ff71245fa1cefdbc4ac45077658
-
SHA512
ff724bfe92be3e968551c4e6878a5d682ff14f394b28aa2b03e5dc04bb3a2401721ad4cb12585cfc448c5ed725775a25db954c1c74563190559586cb1b4583f5
-
SSDEEP
393216:nex7e0UK+PCgh8h9ha83OLKlkzqH6dAZ81jrZcka/EzmrNO:no8h87ha8YKR+Acq/1o
Malware Config
Targets
-
-
Target
e868f0304731b9f52b0db80abcdd51f053765ff71245fa1cefdbc4ac45077658
-
Size
16.9MB
-
MD5
bbbe7860900bbd1ea9e6a0f6f3d63c1f
-
SHA1
c58e19db13eb003f79512d2fb2f3e2c2eb8c7084
-
SHA256
e868f0304731b9f52b0db80abcdd51f053765ff71245fa1cefdbc4ac45077658
-
SHA512
ff724bfe92be3e968551c4e6878a5d682ff14f394b28aa2b03e5dc04bb3a2401721ad4cb12585cfc448c5ed725775a25db954c1c74563190559586cb1b4583f5
-
SSDEEP
393216:nex7e0UK+PCgh8h9ha83OLKlkzqH6dAZ81jrZcka/EzmrNO:no8h87ha8YKR+Acq/1o
Score10/10-
Modifies WinLogon for persistence
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-