General
-
Target
b490b8b9e0c01b6c344b6e8d331bcccca0a3d54b85faf6156015ed4993050d73
-
Size
152KB
-
Sample
221129-dl8h1aaa78
-
MD5
3aac28c504ee74b6696118482a0dfde1
-
SHA1
b9d7e8d8b41bdad1e606e13214302eb01c32432f
-
SHA256
b490b8b9e0c01b6c344b6e8d331bcccca0a3d54b85faf6156015ed4993050d73
-
SHA512
3518421f117f84ce047102bf0492e1cf6382de7968cc63d4814bdcbdb9fedb0f12fa380af9337433519493a6ab934d93ea1e669453e0d5d2537f307b4e59392a
-
SSDEEP
3072:T3TIpK9xKA9w2p4QZisLaazNiIIkyyqN4oQZiEApJ:T3spKxY+1isuazgfklcWy
Malware Config
Targets
-
-
Target
b490b8b9e0c01b6c344b6e8d331bcccca0a3d54b85faf6156015ed4993050d73
-
Size
152KB
-
MD5
3aac28c504ee74b6696118482a0dfde1
-
SHA1
b9d7e8d8b41bdad1e606e13214302eb01c32432f
-
SHA256
b490b8b9e0c01b6c344b6e8d331bcccca0a3d54b85faf6156015ed4993050d73
-
SHA512
3518421f117f84ce047102bf0492e1cf6382de7968cc63d4814bdcbdb9fedb0f12fa380af9337433519493a6ab934d93ea1e669453e0d5d2537f307b4e59392a
-
SSDEEP
3072:T3TIpK9xKA9w2p4QZisLaazNiIIkyyqN4oQZiEApJ:T3spKxY+1isuazgfklcWy
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-