General
-
Target
524823233b8098895dc6f5fe7f46b47302a3a4cfe4292b77bdaf23d9affd8806
-
Size
512KB
-
Sample
221127-172nxage71
-
MD5
e8ed03e2262580807a9286527af54ff0
-
SHA1
2a4dfd5498fcc36122746292a787af5a74799f25
-
SHA256
524823233b8098895dc6f5fe7f46b47302a3a4cfe4292b77bdaf23d9affd8806
-
SHA512
90f3ca506f57f06582d1f0e90cb37359f671a35b49fc8e05a0d19e66a58459f62d3729a166ba5767f036e0d89daef4def066d4a68ae7657d5722918aec51b8bf
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4k:0+h9OY70z+warul3E4k
Malware Config
Targets
-
-
Target
524823233b8098895dc6f5fe7f46b47302a3a4cfe4292b77bdaf23d9affd8806
-
Size
512KB
-
MD5
e8ed03e2262580807a9286527af54ff0
-
SHA1
2a4dfd5498fcc36122746292a787af5a74799f25
-
SHA256
524823233b8098895dc6f5fe7f46b47302a3a4cfe4292b77bdaf23d9affd8806
-
SHA512
90f3ca506f57f06582d1f0e90cb37359f671a35b49fc8e05a0d19e66a58459f62d3729a166ba5767f036e0d89daef4def066d4a68ae7657d5722918aec51b8bf
-
SSDEEP
12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4k:0+h9OY70z+warul3E4k
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-