General
-
Target
c1603483ddb9b700c475f50986ea5d6b6150d1671595de641bddb1337f076565
-
Size
480KB
-
Sample
221128-ggf5qsac66
-
MD5
69761c07f4f9a1cd77436959f6e2ad2c
-
SHA1
ca64901f960e40a7e3f6a825ffe69b6f1232e9cd
-
SHA256
c1603483ddb9b700c475f50986ea5d6b6150d1671595de641bddb1337f076565
-
SHA512
e6e090d50fb0806fe1b72f84ce7c7e30e5124369507376010411d593e74d5f260925c0d05ee1bf97a2924ce72a2536a284e847c2ac4aecc631e3ac45652ccb8f
-
SSDEEP
6144:k3iivPlrTo8JNYWnvivcPW5aKLriEWyxzRWfGPyP7WXQaUhUqhlIZh:filJNYCULxviGBRcUyyX/2lI
Static task
static1
Behavioral task
behavioral1
Sample
c1603483ddb9b700c475f50986ea5d6b6150d1671595de641bddb1337f076565.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c1603483ddb9b700c475f50986ea5d6b6150d1671595de641bddb1337f076565.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
c1603483ddb9b700c475f50986ea5d6b6150d1671595de641bddb1337f076565
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-