General
-
Target
788d766f3022381940d71264cb235e771b3eeacdd6cccc5b541b1dfadc6023de
-
Size
176KB
-
Sample
221126-crvnnahf2t
-
MD5
3b5e197a2875bcb66533294db4141a56
-
SHA1
c818ebf323af988b21b5e8771543096317dd7f94
-
SHA256
788d766f3022381940d71264cb235e771b3eeacdd6cccc5b541b1dfadc6023de
-
SHA512
b1f55efd0ff2501bfd7131df50012b1cd8ca204f2dd6cf416f2760416934181b30691ea5ce80e48f45de57423bc4a297f3a2b9e0803a5e9bae14ae141d9fb9a5
-
SSDEEP
3072:zEkPZgwZP3sQoYuf8pgcQWKg8vD3HGxK0roILGXq26xhxLGdV6wF/9snGa45o9sF:zzP3sQFuf8pgcQWKg8vD3HGxK0roSGXh
Malware Config
Targets
-
-
Target
788d766f3022381940d71264cb235e771b3eeacdd6cccc5b541b1dfadc6023de
-
Size
176KB
-
MD5
3b5e197a2875bcb66533294db4141a56
-
SHA1
c818ebf323af988b21b5e8771543096317dd7f94
-
SHA256
788d766f3022381940d71264cb235e771b3eeacdd6cccc5b541b1dfadc6023de
-
SHA512
b1f55efd0ff2501bfd7131df50012b1cd8ca204f2dd6cf416f2760416934181b30691ea5ce80e48f45de57423bc4a297f3a2b9e0803a5e9bae14ae141d9fb9a5
-
SSDEEP
3072:zEkPZgwZP3sQoYuf8pgcQWKg8vD3HGxK0roILGXq26xhxLGdV6wF/9snGa45o9sF:zzP3sQFuf8pgcQWKg8vD3HGxK0roSGXh
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-