General
-
Target
828a4c820a036613ecc929edaf1aefb757fd6e0c9a6ab29b3b79c4009c557614
-
Size
4.2MB
-
Sample
221203-2y9tlaha6x
-
MD5
82bb318c64ec044ff140934b8c69de01
-
SHA1
2e256443590559439484e2eed043970a68106d37
-
SHA256
828a4c820a036613ecc929edaf1aefb757fd6e0c9a6ab29b3b79c4009c557614
-
SHA512
3e7559f5e6a9db283c89723cf3479c5f95459d163c9bb1c13206ba7dbb8ea59965cc9f62b0c122e033c7609a36c08bc5de95ebb6fe6ef3829968936818cc672c
-
SSDEEP
98304:r85p41Wg/gEgLqSZp/GPImmf4z9vIXLF+j/ifMzBB1IXL2:h8gGqSHGPImmf4FGLUjPz1Ei
Static task
static1
Behavioral task
behavioral1
Sample
828a4c820a036613ecc929edaf1aefb757fd6e0c9a6ab29b3b79c4009c557614.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
828a4c820a036613ecc929edaf1aefb757fd6e0c9a6ab29b3b79c4009c557614.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
828a4c820a036613ecc929edaf1aefb757fd6e0c9a6ab29b3b79c4009c557614
-
Score
10/10
-
Modifies WinLogon for persistence
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Registers COM server for autorun
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-