General
Target: 58a0ad0b383db918fe14bb42b380a5495112076ddd0fba72550afc94ef738ebc
Size: 512KB
Sample: 221127-1n7e2sfc21
MD5: 56fc24880020d7e326acd3366275e87a
SHA1: 8c36084f1939279c809c168f795f3e2a87b32c81
SHA256: 58a0ad0b383db918fe14bb42b380a5495112076ddd0fba72550afc94ef738ebc
SHA512: b31227aa233769da0d4dd8bfe4001044e248874298ccdab78111b4eab4aa2c73dfd00b6e1f8c41c28d72e854aba0b971a9d006da37cb78be420e2a8b82bf35b1
SSDEEP: 12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4B:0+h9OY70z+warul3E4B
Static task: static1
Behavioral task: behavioral1
Sample: 58a0ad0b383db918fe14bb42b380a5495112076ddd0fba72550afc94ef738ebc.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 58a0ad0b383db918fe14bb42b380a5495112076ddd0fba72550afc94ef738ebc.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Drops desktop.ini file(s)