General
-
Target
42d90c473a6700bda3c57cb476d718ef99c508d710e1536bc37aeb659ddb6ced
-
Size
104KB
-
Sample
221125-crm9ksec49
-
MD5
784a247d1a24d3eda920b47019c579d8
-
SHA1
6ff1a18702a4dd19b210b54f38df8974fe4691f0
-
SHA256
42d90c473a6700bda3c57cb476d718ef99c508d710e1536bc37aeb659ddb6ced
-
SHA512
736e640a109f5f7f03f47df5febe7059ab386ed5969725f1688e526913798f7c578170ac399b6c18b09a34a58a1d97ed3e6a82bbdc93a24f1d12c83a6b60a3d4
-
SSDEEP
1536:w+81njDm8usjuCwq9rvB0q9SezU+ORYqQ68xwP2wgGKh/rCRVhHX:wX1nm9evB0pi61gGKheRbH
Malware Config
Targets
-
-
Target
42d90c473a6700bda3c57cb476d718ef99c508d710e1536bc37aeb659ddb6ced
-
Size
104KB
-
MD5
784a247d1a24d3eda920b47019c579d8
-
SHA1
6ff1a18702a4dd19b210b54f38df8974fe4691f0
-
SHA256
42d90c473a6700bda3c57cb476d718ef99c508d710e1536bc37aeb659ddb6ced
-
SHA512
736e640a109f5f7f03f47df5febe7059ab386ed5969725f1688e526913798f7c578170ac399b6c18b09a34a58a1d97ed3e6a82bbdc93a24f1d12c83a6b60a3d4
-
SSDEEP
1536:w+81njDm8usjuCwq9rvB0q9SezU+ORYqQ68xwP2wgGKh/rCRVhHX:wX1nm9evB0pi61gGKheRbH
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-