General
-
Target
8448ff0c0e6d67eefa426a4c15b328c9f8ec14d1749d8c290558372dd137d4fc
-
Size
3.3MB
-
Sample
221124-rw4vfsag29
-
MD5
23f308c35ee8d6ae51d17578963303db
-
SHA1
d2e3c5f835dc57b1e796d5743323fbefe80bbea9
-
SHA256
8448ff0c0e6d67eefa426a4c15b328c9f8ec14d1749d8c290558372dd137d4fc
-
SHA512
1727585262b79cd1009947c089a64dc378e14ba51b4f5433e79570006e9d346af7ba604117aa0daf294db89287557cb50b29930d5cc26e15a60d460545586c91
-
SSDEEP
98304:p3YobVRxj94j/JpY6A7PFLiWg5RxjUZz/:VYeujnY6aIrYZ7
Malware Config
Targets
-
-
Target
8448ff0c0e6d67eefa426a4c15b328c9f8ec14d1749d8c290558372dd137d4fc
-
Size
3.3MB
-
MD5
23f308c35ee8d6ae51d17578963303db
-
SHA1
d2e3c5f835dc57b1e796d5743323fbefe80bbea9
-
SHA256
8448ff0c0e6d67eefa426a4c15b328c9f8ec14d1749d8c290558372dd137d4fc
-
SHA512
1727585262b79cd1009947c089a64dc378e14ba51b4f5433e79570006e9d346af7ba604117aa0daf294db89287557cb50b29930d5cc26e15a60d460545586c91
-
SSDEEP
98304:p3YobVRxj94j/JpY6A7PFLiWg5RxjUZz/:VYeujnY6aIrYZ7
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-