General
-
Target
48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d
-
Size
259KB
-
Sample
221126-kjn5xaaa5v
-
MD5
a20d46664d06744d2515d69eeff57508
-
SHA1
7c1dd71389b6661c36f7c0d64531d03c4e71fc29
-
SHA256
48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d
-
SHA512
60bf71e7b80e447e2a9197ff365805d8e5e257b3f4f3787b6fb9940a9d40f710d5880f1910689d5f8cbe79cbbb1f4478afc6aa3eb134b61b3b741c4ab1e268cf
-
SSDEEP
1536:ltPixznncp3vKONOI0Z/IY9Vt1jFmyBoI9uAnBSGFeXA9jJbZjwSrSMLDhKOzxf2:bPixnncpSONDyRTkwQAbOCzNx/TtOLf
Malware Config
Targets
-
-
Target
48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d
-
Size
259KB
-
MD5
a20d46664d06744d2515d69eeff57508
-
SHA1
7c1dd71389b6661c36f7c0d64531d03c4e71fc29
-
SHA256
48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d
-
SHA512
60bf71e7b80e447e2a9197ff365805d8e5e257b3f4f3787b6fb9940a9d40f710d5880f1910689d5f8cbe79cbbb1f4478afc6aa3eb134b61b3b741c4ab1e268cf
-
SSDEEP
1536:ltPixznncp3vKONOI0Z/IY9Vt1jFmyBoI9uAnBSGFeXA9jJbZjwSrSMLDhKOzxf2:bPixnncpSONDyRTkwQAbOCzNx/TtOLf
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-