General
-
Target
67e92f935f79f90ca3c281bbbec60ef22c61c20b1aafa40d80ad577969b151b9
-
Size
140KB
-
Sample
221127-sttr5sge86
-
MD5
aaa699762994c30347894ec414c40557
-
SHA1
446f4af57fbe1545f07fdd112ffebb76322acc97
-
SHA256
67e92f935f79f90ca3c281bbbec60ef22c61c20b1aafa40d80ad577969b151b9
-
SHA512
526775953fdc35b4b7c5ccf5a83e66e4e463c6b5b6370777670dc54b61f415a19f2f8269ee877ad208b51d6cde9fdded6d1ec6f9038843a6f5de8d39742e58cb
-
SSDEEP
3072:pb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fX:pB/l0Xi3uyJ7Mhy9dx3s3f
Malware Config
Targets
-
-
Target
67e92f935f79f90ca3c281bbbec60ef22c61c20b1aafa40d80ad577969b151b9
-
Size
140KB
-
MD5
aaa699762994c30347894ec414c40557
-
SHA1
446f4af57fbe1545f07fdd112ffebb76322acc97
-
SHA256
67e92f935f79f90ca3c281bbbec60ef22c61c20b1aafa40d80ad577969b151b9
-
SHA512
526775953fdc35b4b7c5ccf5a83e66e4e463c6b5b6370777670dc54b61f415a19f2f8269ee877ad208b51d6cde9fdded6d1ec6f9038843a6f5de8d39742e58cb
-
SSDEEP
3072:pb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fX:pB/l0Xi3uyJ7Mhy9dx3s3f
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-