General
-
Target
ffb9ba821cd0568e49e14db738158167c451e4747871339875f47d10e105132d
-
Size
132KB
-
Sample
221128-dap8aahg69
-
MD5
acdb106a9198ea196969ddba272a460e
-
SHA1
9d246c7c3a0ea14ebe888015596964440606748b
-
SHA256
ffb9ba821cd0568e49e14db738158167c451e4747871339875f47d10e105132d
-
SHA512
5397f6cd799ebb4623e73a5b5ad361977d5508bd3465fd84ce11af6ab2b37eca23e005efde70e84d1ac379373fc0171af722d6741cfd27023680ec1c121f3590
-
SSDEEP
3072:fEJ4oxJrPhqrrm8Hj7ijhOHr3QVdAdjdrl2K98gXZsQ45GBdX8ckFQLGLCM:fIXxgGj5M/kFQLGLC
Malware Config
Targets
-
-
Target
ffb9ba821cd0568e49e14db738158167c451e4747871339875f47d10e105132d
-
Size
132KB
-
MD5
acdb106a9198ea196969ddba272a460e
-
SHA1
9d246c7c3a0ea14ebe888015596964440606748b
-
SHA256
ffb9ba821cd0568e49e14db738158167c451e4747871339875f47d10e105132d
-
SHA512
5397f6cd799ebb4623e73a5b5ad361977d5508bd3465fd84ce11af6ab2b37eca23e005efde70e84d1ac379373fc0171af722d6741cfd27023680ec1c121f3590
-
SSDEEP
3072:fEJ4oxJrPhqrrm8Hj7ijhOHr3QVdAdjdrl2K98gXZsQ45GBdX8ckFQLGLCM:fIXxgGj5M/kFQLGLC
Score10/10-
UAC bypass
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks whether UAC is enabled
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-