General
-
Target
f6d5fec2454a4a67d6970da2d090ec65f2f120e8575c8d4173f7a360421a0ba9
-
Size
224KB
-
Sample
221202-aftk4seb68
-
MD5
ceabc2843e7943ead12131e082779b99
-
SHA1
77a92191be9291d165b18dcf50f42afa82b958f1
-
SHA256
f6d5fec2454a4a67d6970da2d090ec65f2f120e8575c8d4173f7a360421a0ba9
-
SHA512
5256b4fbd88b9002fe71f43768892ad8772b535e39d498539b475beb4df62c2b9def4374031392ddd29334ae710145e1be504a84a7c472ee0f11308096745348
-
SSDEEP
6144:MJ2rh94LT6HGy9GVCgZu6PSSgAMbWk6V5tGl50FOIMH3yf1xiPmeY8bb:MJ2Fmu6V5tGl50FOIY3yfjEV
Malware Config
Targets
-
-
Target
f6d5fec2454a4a67d6970da2d090ec65f2f120e8575c8d4173f7a360421a0ba9
-
Size
224KB
-
MD5
ceabc2843e7943ead12131e082779b99
-
SHA1
77a92191be9291d165b18dcf50f42afa82b958f1
-
SHA256
f6d5fec2454a4a67d6970da2d090ec65f2f120e8575c8d4173f7a360421a0ba9
-
SHA512
5256b4fbd88b9002fe71f43768892ad8772b535e39d498539b475beb4df62c2b9def4374031392ddd29334ae710145e1be504a84a7c472ee0f11308096745348
-
SSDEEP
6144:MJ2rh94LT6HGy9GVCgZu6PSSgAMbWk6V5tGl50FOIMH3yf1xiPmeY8bb:MJ2Fmu6V5tGl50FOIY3yfjEV
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-