General
-
Target
481a731ba935c8b42d3304476a9977888b3649dc797e6817d8c4854cb3aa0604
-
Size
106KB
-
Sample
221129-lberyaaa2w
-
MD5
1011b88ddcca478ae5545598bbe7a860
-
SHA1
5094d9b90ad9ce3e6fd8490dbf94dfd7e21070e2
-
SHA256
481a731ba935c8b42d3304476a9977888b3649dc797e6817d8c4854cb3aa0604
-
SHA512
71fad2ef8d073cf84b4a13d78f7fd9cf245eb7b7feb4bc843378d6acff136a5c23b73ddde52ad06559ae1c1d036540bb384979ac78ac9f3feb94335552dcedbd
-
SSDEEP
3072:7YBjzosGnQpOe237XE35XeE79enCiM5cEwDjAS+p:XsGQwb37XE3ZeykGnqES+p
Malware Config
Targets
-
-
Target
481a731ba935c8b42d3304476a9977888b3649dc797e6817d8c4854cb3aa0604
-
Size
106KB
-
MD5
1011b88ddcca478ae5545598bbe7a860
-
SHA1
5094d9b90ad9ce3e6fd8490dbf94dfd7e21070e2
-
SHA256
481a731ba935c8b42d3304476a9977888b3649dc797e6817d8c4854cb3aa0604
-
SHA512
71fad2ef8d073cf84b4a13d78f7fd9cf245eb7b7feb4bc843378d6acff136a5c23b73ddde52ad06559ae1c1d036540bb384979ac78ac9f3feb94335552dcedbd
-
SSDEEP
3072:7YBjzosGnQpOe237XE35XeE79enCiM5cEwDjAS+p:XsGQwb37XE3ZeykGnqES+p
Score8/10-
Sets DLL path for service in the registry
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-