General
-
Target
ebc552eaaf6f6624f093191ab86ce3f4d17d5516bc7efc8c4d2e1409ed6f572e
-
Size
224KB
-
Sample
221129-vc9s5sba3y
-
MD5
7a4532067ecc554f4a8fb9d5d3690e58
-
SHA1
63aece0e58f9c0623e538c93ce9ed746014e9c20
-
SHA256
ebc552eaaf6f6624f093191ab86ce3f4d17d5516bc7efc8c4d2e1409ed6f572e
-
SHA512
748c128de47c17d2df3c037a85b09c78997e7163d318641f21efb951911a37a45db417d4e0933c63c802007573019e95f3bf657f452f877c694371c94f889215
-
SSDEEP
3072:OvRpGambf7/dnRyLFA0VPZGgIRF6dMnpKCnMo2RsJbJGd9QggbFtJX:OEcPZGbz6dKBLQjd93gvF
Malware Config
Targets
-
-
Target
ebc552eaaf6f6624f093191ab86ce3f4d17d5516bc7efc8c4d2e1409ed6f572e
-
Size
224KB
-
MD5
7a4532067ecc554f4a8fb9d5d3690e58
-
SHA1
63aece0e58f9c0623e538c93ce9ed746014e9c20
-
SHA256
ebc552eaaf6f6624f093191ab86ce3f4d17d5516bc7efc8c4d2e1409ed6f572e
-
SHA512
748c128de47c17d2df3c037a85b09c78997e7163d318641f21efb951911a37a45db417d4e0933c63c802007573019e95f3bf657f452f877c694371c94f889215
-
SSDEEP
3072:OvRpGambf7/dnRyLFA0VPZGgIRF6dMnpKCnMo2RsJbJGd9QggbFtJX:OEcPZGbz6dKBLQjd93gvF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-