General
-
Target
8539200ce4a8a629b0460d45a878d8389534c8a93a266641cfd1813792ce109e
-
Size
871KB
-
Sample
221126-kynspaff39
-
MD5
8e4e5f80d4bec7dc4e3b0055f803d9d1
-
SHA1
bc9d2c09cd42172b697714225cace127d29b50ea
-
SHA256
8539200ce4a8a629b0460d45a878d8389534c8a93a266641cfd1813792ce109e
-
SHA512
3f5ece6fbc58dec149e0bf5d67895055e7314a59b3478eacf223a0e20f5aaf2730cb22250a571740cb5510b24131c8f18b6600b97809b94550a3f92e3bd5b22d
-
SSDEEP
24576:OdYJ4Zs7JAaWf66BCaVquMNy2CPtQUL2in:OdY+slAdfLFN2bUKi
Malware Config
Targets
-
-
Target
8539200ce4a8a629b0460d45a878d8389534c8a93a266641cfd1813792ce109e
-
Size
871KB
-
MD5
8e4e5f80d4bec7dc4e3b0055f803d9d1
-
SHA1
bc9d2c09cd42172b697714225cace127d29b50ea
-
SHA256
8539200ce4a8a629b0460d45a878d8389534c8a93a266641cfd1813792ce109e
-
SHA512
3f5ece6fbc58dec149e0bf5d67895055e7314a59b3478eacf223a0e20f5aaf2730cb22250a571740cb5510b24131c8f18b6600b97809b94550a3f92e3bd5b22d
-
SSDEEP
24576:OdYJ4Zs7JAaWf66BCaVquMNy2CPtQUL2in:OdY+slAdfLFN2bUKi
Score10/10-
Modifies WinLogon for persistence
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-