General
-
Target
4dbeb5d0b48223cc303818527e0f8d2d254a9163343927516dc5723ecf5a6985
-
Size
3.3MB
-
Sample
221125-yamglsae27
-
MD5
cf4db862243ad0f7a3a62d70d12a7973
-
SHA1
51202e70c5340efb253dc23f492976c19dc945ef
-
SHA256
4dbeb5d0b48223cc303818527e0f8d2d254a9163343927516dc5723ecf5a6985
-
SHA512
d7ebc44e05ad092128a14a51c0cd5015ca74d92ef60aa529a38b2913aca148b93fb8f68116e829e3770aed0441624ac1761a47429408fae6aa0f8479364d8778
-
SSDEEP
49152:E9BfDauF3rt3g7GNBamkmmCwLtLV3viyKXtLGNWImgPIsxmHCpswILEtLr:EfTxzG7CwdV3vidSWHFCmLwr
Malware Config
Targets
-
-
Target
4dbeb5d0b48223cc303818527e0f8d2d254a9163343927516dc5723ecf5a6985
-
Size
3.3MB
-
MD5
cf4db862243ad0f7a3a62d70d12a7973
-
SHA1
51202e70c5340efb253dc23f492976c19dc945ef
-
SHA256
4dbeb5d0b48223cc303818527e0f8d2d254a9163343927516dc5723ecf5a6985
-
SHA512
d7ebc44e05ad092128a14a51c0cd5015ca74d92ef60aa529a38b2913aca148b93fb8f68116e829e3770aed0441624ac1761a47429408fae6aa0f8479364d8778
-
SSDEEP
49152:E9BfDauF3rt3g7GNBamkmmCwLtLV3viyKXtLGNWImgPIsxmHCpswILEtLr:EfTxzG7CwdV3vidSWHFCmLwr
Score8/10-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-