General
-
Target
ac4c0143df9c70a4ad5333666a10ad936406c812c6ce97bc37e8670586dc5d79
-
Size
138KB
-
Sample
221203-25hcxsdg46
-
MD5
0a8bb10d2073dd4354b8744daf4ffe0e
-
SHA1
e81c37cb09e9f0e8c86e52ec6d7cd94f9ccfc4fe
-
SHA256
ac4c0143df9c70a4ad5333666a10ad936406c812c6ce97bc37e8670586dc5d79
-
SHA512
c6a73249a1f0be8dc6dc2aa588a670124664506bd5a44c1409a59cdc7f473f87eaae0feceab76fec0e6c6b8d5b1a898f8adae31b0ff7c14827a0229b91311b07
-
SSDEEP
3072:tF7EhNjU+Hf5AlG59WDgnmDrEnOhkR6Rv/sGw9Cg0F3jxsTuGyqb8CMlsGdJ7VwS:tF7EhN4+HhAlG59WDgnmDThkR6Rv/sGs
Static task
static1
Behavioral task
behavioral1
Sample
ac4c0143df9c70a4ad5333666a10ad936406c812c6ce97bc37e8670586dc5d79.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ac4c0143df9c70a4ad5333666a10ad936406c812c6ce97bc37e8670586dc5d79.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
ac4c0143df9c70a4ad5333666a10ad936406c812c6ce97bc37e8670586dc5d79
-
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-