General
-
Target
6a4a5f8cfab03293281591a6c10f874d9599558925bc5eead70fe14fda6bc91a
-
Size
122KB
-
Sample
221126-amjz9acc6t
-
MD5
de3abc441c3093de4c2a54b0e9cf828e
-
SHA1
260247cb09238b20188b04f71f7a0058cb9c45e6
-
SHA256
6a4a5f8cfab03293281591a6c10f874d9599558925bc5eead70fe14fda6bc91a
-
SHA512
e091b7b03b3ad94039b99c1eed65b4f3ec9ca2c2ed8bbc870622aea1a91252ca6bdfb15f8143772d46d236ca3c7f78ddd8a6608403764bc6f40ad1d3bd0791d1
-
SSDEEP
3072:tnDHH47khTSHz4dwqKdM6i4JGpZh37uLjudqz9d0k2:tDn440zt46i4EruLork2
Malware Config
Targets
-
-
Target
6a4a5f8cfab03293281591a6c10f874d9599558925bc5eead70fe14fda6bc91a
-
Size
122KB
-
MD5
de3abc441c3093de4c2a54b0e9cf828e
-
SHA1
260247cb09238b20188b04f71f7a0058cb9c45e6
-
SHA256
6a4a5f8cfab03293281591a6c10f874d9599558925bc5eead70fe14fda6bc91a
-
SHA512
e091b7b03b3ad94039b99c1eed65b4f3ec9ca2c2ed8bbc870622aea1a91252ca6bdfb15f8143772d46d236ca3c7f78ddd8a6608403764bc6f40ad1d3bd0791d1
-
SSDEEP
3072:tnDHH47khTSHz4dwqKdM6i4JGpZh37uLjudqz9d0k2:tDn440zt46i4EruLork2
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-