General
-
Target
664eda6e1744488abb9343c6d5e0a311d429a808010ff775c2ba9ec3df8470cb
-
Size
94KB
-
Sample
221125-jl4gyafc9t
-
MD5
95f20d4eb3e192ec64fa541a98545e66
-
SHA1
158976504e60e800e5d543d429376cedc79be413
-
SHA256
664eda6e1744488abb9343c6d5e0a311d429a808010ff775c2ba9ec3df8470cb
-
SHA512
77d65ad3dce3edce70ace8f7f51ec057dee0b160a203c936271c5ddb0131facf6be76e41b841e1cb8f6e2428a871bd293bf2732d4adad1dcf62916b8fc0613d4
-
SSDEEP
768:80862W60gLa1PgME3LsGU9M7+EwAE1evVaYxXY0TvmIF:cNVLaDE3wGAi+EW4zX9bmIF
Malware Config
Targets
-
-
Target
664eda6e1744488abb9343c6d5e0a311d429a808010ff775c2ba9ec3df8470cb
-
Size
94KB
-
MD5
95f20d4eb3e192ec64fa541a98545e66
-
SHA1
158976504e60e800e5d543d429376cedc79be413
-
SHA256
664eda6e1744488abb9343c6d5e0a311d429a808010ff775c2ba9ec3df8470cb
-
SHA512
77d65ad3dce3edce70ace8f7f51ec057dee0b160a203c936271c5ddb0131facf6be76e41b841e1cb8f6e2428a871bd293bf2732d4adad1dcf62916b8fc0613d4
-
SSDEEP
768:80862W60gLa1PgME3LsGU9M7+EwAE1evVaYxXY0TvmIF:cNVLaDE3wGAi+EW4zX9bmIF
Score10/10-
Modifies firewall policy service
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-