General
-
Target
f0af625d91fed482fc981791c579183ecb3c6862b59302ea7813f5c67fd50590
-
Size
288KB
-
Sample
221202-astrmsae9v
-
MD5
ad732828190b6d7ce8feb4807a3ef1cc
-
SHA1
bfcbd853263decde53f4c2fa5bacf3e15cdf7ee4
-
SHA256
f0af625d91fed482fc981791c579183ecb3c6862b59302ea7813f5c67fd50590
-
SHA512
376e70535702a39bd5617139d2b79051e5df14c4ac0d9efe472e7618ed35a135d3b0ee2a18ddadce89ed031f94ffd7506236ed8211486ba176523e0d702c62bf
-
SSDEEP
6144:tUAu6+2lqKhG0wF+kAbUtshbrm3X+DLKlzNgGVRwZBf5Wg9w9CXvn1OHyaFvF+5u:tCtTJabvhfm3XJ1tinTs
Malware Config
Targets
-
-
Target
f0af625d91fed482fc981791c579183ecb3c6862b59302ea7813f5c67fd50590
-
Size
288KB
-
MD5
ad732828190b6d7ce8feb4807a3ef1cc
-
SHA1
bfcbd853263decde53f4c2fa5bacf3e15cdf7ee4
-
SHA256
f0af625d91fed482fc981791c579183ecb3c6862b59302ea7813f5c67fd50590
-
SHA512
376e70535702a39bd5617139d2b79051e5df14c4ac0d9efe472e7618ed35a135d3b0ee2a18ddadce89ed031f94ffd7506236ed8211486ba176523e0d702c62bf
-
SSDEEP
6144:tUAu6+2lqKhG0wF+kAbUtshbrm3X+DLKlzNgGVRwZBf5Wg9w9CXvn1OHyaFvF+5u:tCtTJabvhfm3XJ1tinTs
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-