General
-
Target
7f5ff5631d39ac56e58d81bf4add4db090824accfd843c617adfd9b11f628489
-
Size
140KB
-
Sample
221129-hysersfh42
-
MD5
2986b17992a2d9ffad87fd601c685977
-
SHA1
01a5a995304b78a44516d608490ddbe95a497e26
-
SHA256
7f5ff5631d39ac56e58d81bf4add4db090824accfd843c617adfd9b11f628489
-
SHA512
a3d27b739981a4c6981772b7cfbcefef738e6ad2975e826c00cc20e4e3c519ddf5696d945031fb0dcebef5bb54b11b1e7f39961dd292bd2312b5840fc96acff5
-
SSDEEP
3072:Hb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fX/:HB/l0Xi3uyJ7Mhy9dx3s3fv
Malware Config
Targets
-
-
Target
7f5ff5631d39ac56e58d81bf4add4db090824accfd843c617adfd9b11f628489
-
Size
140KB
-
MD5
2986b17992a2d9ffad87fd601c685977
-
SHA1
01a5a995304b78a44516d608490ddbe95a497e26
-
SHA256
7f5ff5631d39ac56e58d81bf4add4db090824accfd843c617adfd9b11f628489
-
SHA512
a3d27b739981a4c6981772b7cfbcefef738e6ad2975e826c00cc20e4e3c519ddf5696d945031fb0dcebef5bb54b11b1e7f39961dd292bd2312b5840fc96acff5
-
SSDEEP
3072:Hb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fX/:HB/l0Xi3uyJ7Mhy9dx3s3fv
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-