General
-
Target
1c3b271f968b45773005a216c6505f23066f4b54f2c3c7b3b000a83cdf20f041
-
Size
4.1MB
-
Sample
221127-vny6sadf92
-
MD5
ec976b857d9e92c111868d9049c425e4
-
SHA1
c32760f9e7d37a800de227416744565403f4c70e
-
SHA256
1c3b271f968b45773005a216c6505f23066f4b54f2c3c7b3b000a83cdf20f041
-
SHA512
83d1c2061520580e96dee497ecf6a3c9c8af0ae88fe6157d203fddd43d5f4cacd1507d78e6f41b32570e03e1eee80e193826cb8c0f54c0643d686c9b494c065d
-
SSDEEP
98304:cHZztJVudVKkGxbbPsGQA9037qhLqbVe1pxmo6W9pTIgbyRsS:cHZzcXnGtb7XOmcVvnsIgO2S
Malware Config
Targets
-
-
Target
1c3b271f968b45773005a216c6505f23066f4b54f2c3c7b3b000a83cdf20f041
-
Size
4.1MB
-
MD5
ec976b857d9e92c111868d9049c425e4
-
SHA1
c32760f9e7d37a800de227416744565403f4c70e
-
SHA256
1c3b271f968b45773005a216c6505f23066f4b54f2c3c7b3b000a83cdf20f041
-
SHA512
83d1c2061520580e96dee497ecf6a3c9c8af0ae88fe6157d203fddd43d5f4cacd1507d78e6f41b32570e03e1eee80e193826cb8c0f54c0643d686c9b494c065d
-
SSDEEP
98304:cHZztJVudVKkGxbbPsGQA9037qhLqbVe1pxmo6W9pTIgbyRsS:cHZzcXnGtb7XOmcVvnsIgO2S
Score8/10-
Disables Task Manager via registry modification
-
Sets file execution options in registry
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-