General
-
Target
e3c4586bf39ea12a187e4259b29fcbbd9849b351d2655abed35780f7437907d6
-
Size
82KB
-
Sample
221124-wfeb3sde7t
-
MD5
df633f706650a4903a63a43b35cf9452
-
SHA1
36c823faa697941c6d02ed0d424e9b842e8906e5
-
SHA256
e3c4586bf39ea12a187e4259b29fcbbd9849b351d2655abed35780f7437907d6
-
SHA512
e7af1210acac41e73915a3c56ba1bd9f5059c6388a8bc63e8fc79b034207d7c6c3db54d80ec6adf3311d480b1c00ec8cc118422aceb98127e68093e359ddd466
-
SSDEEP
1536:H2fwoPQ87fs6QJ8nebN5BfLn9o9r++nu8X/phR0p8/Q:gHC8ebNbfZo9rfpPphY8/Q
Malware Config
Targets
-
-
Target
e3c4586bf39ea12a187e4259b29fcbbd9849b351d2655abed35780f7437907d6
-
Size
82KB
-
MD5
df633f706650a4903a63a43b35cf9452
-
SHA1
36c823faa697941c6d02ed0d424e9b842e8906e5
-
SHA256
e3c4586bf39ea12a187e4259b29fcbbd9849b351d2655abed35780f7437907d6
-
SHA512
e7af1210acac41e73915a3c56ba1bd9f5059c6388a8bc63e8fc79b034207d7c6c3db54d80ec6adf3311d480b1c00ec8cc118422aceb98127e68093e359ddd466
-
SSDEEP
1536:H2fwoPQ87fs6QJ8nebN5BfLn9o9r++nu8X/phR0p8/Q:gHC8ebNbfZo9rfpPphY8/Q
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-