General
-
Target
3fb0bae3a799c46fa4c2b8f82f93562c83e3de6eceb92ca57e97a72d6c93d0af
-
Size
48KB
-
Sample
221128-g38rwabh73
-
MD5
f8318872129839d320bae5509917330f
-
SHA1
2e70aec4c8fdcfe613fb7f7bf71dff62ebef13b8
-
SHA256
3fb0bae3a799c46fa4c2b8f82f93562c83e3de6eceb92ca57e97a72d6c93d0af
-
SHA512
089b3aca04c1f3e41a2d2956f496dc4c247557a3e956b81c310733257848c2530cf4c059f670e8f7f213db0767f063f4e70f5f654f5f90671fb536d7f48c10fc
-
SSDEEP
768:BZ6DFma8K6HC4kj5Jp9jrQOV/W4jcAFVLymH6SKd3j8oi4p6rSuc:+FSHHzgJL5V/Wec4OmaSs8M60
Malware Config
Targets
-
-
Target
3fb0bae3a799c46fa4c2b8f82f93562c83e3de6eceb92ca57e97a72d6c93d0af
-
Size
48KB
-
MD5
f8318872129839d320bae5509917330f
-
SHA1
2e70aec4c8fdcfe613fb7f7bf71dff62ebef13b8
-
SHA256
3fb0bae3a799c46fa4c2b8f82f93562c83e3de6eceb92ca57e97a72d6c93d0af
-
SHA512
089b3aca04c1f3e41a2d2956f496dc4c247557a3e956b81c310733257848c2530cf4c059f670e8f7f213db0767f063f4e70f5f654f5f90671fb536d7f48c10fc
-
SSDEEP
768:BZ6DFma8K6HC4kj5Jp9jrQOV/W4jcAFVLymH6SKd3j8oi4p6rSuc:+FSHHzgJL5V/Wec4OmaSs8M60
Score8/10-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Creates a Windows Service
-
Drops file in System32 directory
-