General
-
Target
19edce478b816ebfcb1bb24e17caa7038441a54ce5ffc69252906434be7804f7
-
Size
804KB
-
Sample
221125-szqbxabg3y
-
MD5
215a73694f6bf62eeb0914c9c7a9e14a
-
SHA1
6b10634feb8c3ecf7ea30e082611afc0d5f02507
-
SHA256
19edce478b816ebfcb1bb24e17caa7038441a54ce5ffc69252906434be7804f7
-
SHA512
7db0879b93987fbb94cc432900a30e42ed304cd172f96e78b629184c3378db17058f8adca5d3cb9b57c5273e59875753711326184c95c36b75c09e01a8fcc052
-
SSDEEP
24576:omOMSPEGXtj8ykbNp9njOjAjaeYfso5zOz8:GPvt29nbuegaz8
Malware Config
Targets
-
-
Target
19edce478b816ebfcb1bb24e17caa7038441a54ce5ffc69252906434be7804f7
-
Size
804KB
-
MD5
215a73694f6bf62eeb0914c9c7a9e14a
-
SHA1
6b10634feb8c3ecf7ea30e082611afc0d5f02507
-
SHA256
19edce478b816ebfcb1bb24e17caa7038441a54ce5ffc69252906434be7804f7
-
SHA512
7db0879b93987fbb94cc432900a30e42ed304cd172f96e78b629184c3378db17058f8adca5d3cb9b57c5273e59875753711326184c95c36b75c09e01a8fcc052
-
SSDEEP
24576:omOMSPEGXtj8ykbNp9njOjAjaeYfso5zOz8:GPvt29nbuegaz8
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-