General
-
Target
761c471e80d3c44febc76a8f7108744fd1aa07b646d5f37c7608714c1a8c42d6
-
Size
3.2MB
-
Sample
221126-ez8xcsfa6s
-
MD5
a87419a7b8cd42c04abc321896475347
-
SHA1
6849c85576f911e7b4db746ceefa74845f4d7bdc
-
SHA256
761c471e80d3c44febc76a8f7108744fd1aa07b646d5f37c7608714c1a8c42d6
-
SHA512
47082bc2fe9aacb2dcce925c775a939c6f57cdba202dd07d7a160e5401d42e650e46c3d46d0d85aceb05d6249f1f652b16d2cd06fbfaba9eb7343676cecb1a8a
-
SSDEEP
98304:Gc//////ArnXSjOFrpgpu4iBM2YlLatY3gb4qXzDuxTyqm:WrnXSSFrpgc41Jlmt8/qXuxT8
Malware Config
Targets
-
-
Target
761c471e80d3c44febc76a8f7108744fd1aa07b646d5f37c7608714c1a8c42d6
-
Size
3.2MB
-
MD5
a87419a7b8cd42c04abc321896475347
-
SHA1
6849c85576f911e7b4db746ceefa74845f4d7bdc
-
SHA256
761c471e80d3c44febc76a8f7108744fd1aa07b646d5f37c7608714c1a8c42d6
-
SHA512
47082bc2fe9aacb2dcce925c775a939c6f57cdba202dd07d7a160e5401d42e650e46c3d46d0d85aceb05d6249f1f652b16d2cd06fbfaba9eb7343676cecb1a8a
-
SSDEEP
98304:Gc//////ArnXSjOFrpgpu4iBM2YlLatY3gb4qXzDuxTyqm:WrnXSSFrpgc41Jlmt8/qXuxT8
Score8/10-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-