General
-
Target
6a40069a87848bd8ad8b40f97bd0af7c019ac97802be5dc3295459fb3af28a5a
-
Size
236KB
-
Sample
221129-dx65baed9t
-
MD5
3b7336ea13321d97b99c3700e882503b
-
SHA1
81ddec8ca46f5706347eaf638b64333b17ed53a5
-
SHA256
6a40069a87848bd8ad8b40f97bd0af7c019ac97802be5dc3295459fb3af28a5a
-
SHA512
a745ab2f447eab2be758e41a3de78cc5e04e741cadeac3bc3ec88a03188d57c10fd961d3eca74caac2f30873f2fd59cbc4eb31fd84bd58ed6b49980d444a4dfd
-
SSDEEP
6144:2YSR89HmI9OIDgMonvqELKzzazhACuzz+cp0m6:2PqGkO0oiEezzazhACuzz+cp0m6
Static task
static1
Behavioral task
behavioral1
Sample
6a40069a87848bd8ad8b40f97bd0af7c019ac97802be5dc3295459fb3af28a5a.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
6a40069a87848bd8ad8b40f97bd0af7c019ac97802be5dc3295459fb3af28a5a.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
6a40069a87848bd8ad8b40f97bd0af7c019ac97802be5dc3295459fb3af28a5a
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.