General
-
Target
5a3ffc6a89772bf529cd4dd8df0ac340db29974f000120ccfab2b2ae267abbb3
-
Size
122KB
-
Sample
221127-pqy1xacb4s
-
MD5
9af7d469610185bfa0d6b4e420339f4e
-
SHA1
1c51549da0de81a4bca01859323ce8c6d84d5c15
-
SHA256
5a3ffc6a89772bf529cd4dd8df0ac340db29974f000120ccfab2b2ae267abbb3
-
SHA512
b499d355ccb783213936a62b19a060a28dc141ddd5b5c0875837b7d13551990fb3368204d518f25834f3305aac7f5673d9cee4bba760853298eb490b155fabaf
-
SSDEEP
3072:bnDHH47khTSHz4dwqKdM6i4JGpZh37uLjudqz9d0kj:bDn440zt46i4EruLorkj
Malware Config
Targets
-
-
Target
5a3ffc6a89772bf529cd4dd8df0ac340db29974f000120ccfab2b2ae267abbb3
-
Size
122KB
-
MD5
9af7d469610185bfa0d6b4e420339f4e
-
SHA1
1c51549da0de81a4bca01859323ce8c6d84d5c15
-
SHA256
5a3ffc6a89772bf529cd4dd8df0ac340db29974f000120ccfab2b2ae267abbb3
-
SHA512
b499d355ccb783213936a62b19a060a28dc141ddd5b5c0875837b7d13551990fb3368204d518f25834f3305aac7f5673d9cee4bba760853298eb490b155fabaf
-
SSDEEP
3072:bnDHH47khTSHz4dwqKdM6i4JGpZh37uLjudqz9d0kj:bDn440zt46i4EruLorkj
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-