General
-
Target
68b088a72612eff6fa4524f3705cfdcb20306af87d0174ca8a5462f1cad4cdae
-
Size
239KB
-
Sample
221129-pk5aqsca9x
-
MD5
7cd98f39dc8fe370ba486f19b0540d6a
-
SHA1
f45359b5a44e535b64c946c2f5885bd77067265d
-
SHA256
68b088a72612eff6fa4524f3705cfdcb20306af87d0174ca8a5462f1cad4cdae
-
SHA512
90ce3d24b8aa189d91703b14472b40485c5111e238a9a32db349330ab2f38479265948df3e2df2e901cd6e6acdec212f74224b3386c8f7a9ae6b0a08ff7b8e09
-
SSDEEP
3072:JBAp5XhKpN4eOyVTGfhEClj8jTk+0hqIgMKTNRBh+Cgw5CKHK:MbXE9OiTGfhEClq9nlNEJJUK
Malware Config
Targets
-
-
Target
68b088a72612eff6fa4524f3705cfdcb20306af87d0174ca8a5462f1cad4cdae
-
Size
239KB
-
MD5
7cd98f39dc8fe370ba486f19b0540d6a
-
SHA1
f45359b5a44e535b64c946c2f5885bd77067265d
-
SHA256
68b088a72612eff6fa4524f3705cfdcb20306af87d0174ca8a5462f1cad4cdae
-
SHA512
90ce3d24b8aa189d91703b14472b40485c5111e238a9a32db349330ab2f38479265948df3e2df2e901cd6e6acdec212f74224b3386c8f7a9ae6b0a08ff7b8e09
-
SSDEEP
3072:JBAp5XhKpN4eOyVTGfhEClj8jTk+0hqIgMKTNRBh+Cgw5CKHK:MbXE9OiTGfhEClq9nlNEJJUK
Score8/10-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-