General
-
Target
b968526947f07f57fff6cfa11529dcc5634620b9287bc8faf655609e9ba55f30
-
Size
28KB
-
Sample
221203-hbekdscc97
-
MD5
802eeb806840b92429ee9c8db80db2a1
-
SHA1
8421ff58f955609e858aa37d13337f85ed57c597
-
SHA256
b968526947f07f57fff6cfa11529dcc5634620b9287bc8faf655609e9ba55f30
-
SHA512
ae95b5637cac7f5d5ec7f550ca3f6d866efb6a1fb0da50c46ce3d3d9f2db3ab2a4366f9ed768b7c40aa1ea96f52115a6eb8ed4489a1276960bab170776c422a3
-
SSDEEP
384:NyD9VcAYAn59dt06UBDhsxudtK7OVTN2W8HXVEu59uLS5U/ANpp4DGd7ezmKKZNL:NyDFn5WDhsiK7Ad8HXVEu5TWIwG/vOa
Malware Config
Targets
-
-
Target
b968526947f07f57fff6cfa11529dcc5634620b9287bc8faf655609e9ba55f30
-
Size
28KB
-
MD5
802eeb806840b92429ee9c8db80db2a1
-
SHA1
8421ff58f955609e858aa37d13337f85ed57c597
-
SHA256
b968526947f07f57fff6cfa11529dcc5634620b9287bc8faf655609e9ba55f30
-
SHA512
ae95b5637cac7f5d5ec7f550ca3f6d866efb6a1fb0da50c46ce3d3d9f2db3ab2a4366f9ed768b7c40aa1ea96f52115a6eb8ed4489a1276960bab170776c422a3
-
SSDEEP
384:NyD9VcAYAn59dt06UBDhsxudtK7OVTN2W8HXVEu59uLS5U/ANpp4DGd7ezmKKZNL:NyDFn5WDhsiK7Ad8HXVEu5TWIwG/vOa
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-