General
-
Target
a2b74bbf07c32c440a3cb903d871823a618521b9364d73dea7f2a8f5b4cf0bfc
-
Size
140KB
-
Sample
221127-qflhhadh9w
-
MD5
5c37c82ce6248d5eaea227cf174a7220
-
SHA1
125f1fb1df8fd19150ebb38082c44417f40d256c
-
SHA256
a2b74bbf07c32c440a3cb903d871823a618521b9364d73dea7f2a8f5b4cf0bfc
-
SHA512
b06e59993b32cac4703f13bafb22ef56db54e5cb759e2785ea2c6dee55a29be5a898ce97fb73e83a71368f6378f3dd528472bfb1c61ce13d53d1416380066c15
-
SSDEEP
3072:/b4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fXo:/B/l0Xi3uyJ7Mhy9dx3s3f4
Malware Config
Targets
-
-
Target
a2b74bbf07c32c440a3cb903d871823a618521b9364d73dea7f2a8f5b4cf0bfc
-
Size
140KB
-
MD5
5c37c82ce6248d5eaea227cf174a7220
-
SHA1
125f1fb1df8fd19150ebb38082c44417f40d256c
-
SHA256
a2b74bbf07c32c440a3cb903d871823a618521b9364d73dea7f2a8f5b4cf0bfc
-
SHA512
b06e59993b32cac4703f13bafb22ef56db54e5cb759e2785ea2c6dee55a29be5a898ce97fb73e83a71368f6378f3dd528472bfb1c61ce13d53d1416380066c15
-
SSDEEP
3072:/b4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fXo:/B/l0Xi3uyJ7Mhy9dx3s3f4
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-