General
-
Target
14435ba7a2f0015db21b2736c3b7ad137835611ff8eaea29b105d036dadff88b
-
Size
108KB
-
Sample
221129-mtbzfaee31
-
MD5
c515ac89abcc0c7a8b538bc6e85c0387
-
SHA1
5ff15522ec5f4ff00ddfc4da811dbede8a6bdb5e
-
SHA256
14435ba7a2f0015db21b2736c3b7ad137835611ff8eaea29b105d036dadff88b
-
SHA512
7316b4b64102ff3539ea93a9afc7a6c10e9119a151c4064c4cae939dc6ba6dcde6ec9321ff8efefe21bc160c7d26c74ee6a6a55733c237266e28f1d535c81935
-
SSDEEP
1536:o+GXz96Wg+1yMHInTAo/visDXWBiNLk6l2xyQFtVltJQCHCPjZZf7JpU7:onbJanTAo3iOmBiN46syQFtACibVG
Malware Config
Targets
-
-
Target
14435ba7a2f0015db21b2736c3b7ad137835611ff8eaea29b105d036dadff88b
-
Size
108KB
-
MD5
c515ac89abcc0c7a8b538bc6e85c0387
-
SHA1
5ff15522ec5f4ff00ddfc4da811dbede8a6bdb5e
-
SHA256
14435ba7a2f0015db21b2736c3b7ad137835611ff8eaea29b105d036dadff88b
-
SHA512
7316b4b64102ff3539ea93a9afc7a6c10e9119a151c4064c4cae939dc6ba6dcde6ec9321ff8efefe21bc160c7d26c74ee6a6a55733c237266e28f1d535c81935
-
SSDEEP
1536:o+GXz96Wg+1yMHInTAo/visDXWBiNLk6l2xyQFtVltJQCHCPjZZf7JpU7:onbJanTAo3iOmBiN46syQFtACibVG
Score8/10-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-