General
-
Target
81015af75f424ecaac311956f33dec6256a240c39b502bf009570118ea79ca26
-
Size
223KB
-
Sample
221125-pm7tmsgd56
-
MD5
a06f6a1044b712a7ca825be3e61e8340
-
SHA1
07529000b48453c1afb062f7c4ead0a024a43ba5
-
SHA256
81015af75f424ecaac311956f33dec6256a240c39b502bf009570118ea79ca26
-
SHA512
2baf97ae83dd2ee2939649a7fbf2fc1dadfa9af5631f4202ca9fb4baf28c98bbd5bf6ff5a66348eb36176b5bcf6cc502d172a9f3eeea0920ff4c846ee02be6b8
-
SSDEEP
6144:/4SUjhtRWs8deRR99pXqxteSJ7YddlM04evcce:kRWk/XqTpYd3M05vY
Malware Config
Targets
-
-
Target
81015af75f424ecaac311956f33dec6256a240c39b502bf009570118ea79ca26
-
Size
223KB
-
MD5
a06f6a1044b712a7ca825be3e61e8340
-
SHA1
07529000b48453c1afb062f7c4ead0a024a43ba5
-
SHA256
81015af75f424ecaac311956f33dec6256a240c39b502bf009570118ea79ca26
-
SHA512
2baf97ae83dd2ee2939649a7fbf2fc1dadfa9af5631f4202ca9fb4baf28c98bbd5bf6ff5a66348eb36176b5bcf6cc502d172a9f3eeea0920ff4c846ee02be6b8
-
SSDEEP
6144:/4SUjhtRWs8deRR99pXqxteSJ7YddlM04evcce:kRWk/XqTpYd3M05vY
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-