General
-
Target
cab6b123b00cc37817c4574b49df63705fa8113eaa5d2d0fdb3970a631d2ea78
-
Size
224KB
-
Sample
221129-dx8m5sed9w
-
MD5
2560a5d67ea19d2aad8b83d05bc519f8
-
SHA1
00ec3ae36521d2f0b8eaf1fa371386811b27336b
-
SHA256
cab6b123b00cc37817c4574b49df63705fa8113eaa5d2d0fdb3970a631d2ea78
-
SHA512
a914b87f3fcef2a44e7ffcf8e2fbccc01cca3ba02ba76254138fee6c776b2eaff214a9d751219090a7716ce01bc372217fab8d32247c21a22ac7022e18f9c62e
-
SSDEEP
3072:Vk6gKurd7/QtCrFmDsNk8PEcu6lHz2lM8iL/1rvQgDS7Ss5db0DYdb0D:yFSCrOsNk8PS6lbL/1zQgDS7SGbwebw
Static task
static1
Behavioral task
behavioral1
Sample
cab6b123b00cc37817c4574b49df63705fa8113eaa5d2d0fdb3970a631d2ea78.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
cab6b123b00cc37817c4574b49df63705fa8113eaa5d2d0fdb3970a631d2ea78.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
cab6b123b00cc37817c4574b49df63705fa8113eaa5d2d0fdb3970a631d2ea78
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-