General
-
Target
c21838a03307cd311d7476709346d8a132861859d5eab6a638910fb73f87fc01
-
Size
743KB
-
Sample
221203-mah9eaeg3y
-
MD5
b6e08a65972c4023436c14a359fe73af
-
SHA1
611847af498d29c8e2404fc7124c994c5f4085b1
-
SHA256
c21838a03307cd311d7476709346d8a132861859d5eab6a638910fb73f87fc01
-
SHA512
569d9d02fb73d3637e35f52939436a14d09818431f7663526d6c5f08792a8390da631d64f59ddac08b53f984fc326da3431b73470a5642e5a0cbf7a686527df3
-
SSDEEP
12288:LczJJhqrVPllvKspPT3GWGqWKNiTic4RVavipq2i3e3eRYSLuzq:LczJKVdD3GzqWTec4RcEq2i3euR/uzq
Malware Config
Targets
-
-
Target
c21838a03307cd311d7476709346d8a132861859d5eab6a638910fb73f87fc01
-
Size
743KB
-
MD5
b6e08a65972c4023436c14a359fe73af
-
SHA1
611847af498d29c8e2404fc7124c994c5f4085b1
-
SHA256
c21838a03307cd311d7476709346d8a132861859d5eab6a638910fb73f87fc01
-
SHA512
569d9d02fb73d3637e35f52939436a14d09818431f7663526d6c5f08792a8390da631d64f59ddac08b53f984fc326da3431b73470a5642e5a0cbf7a686527df3
-
SSDEEP
12288:LczJJhqrVPllvKspPT3GWGqWKNiTic4RVavipq2i3e3eRYSLuzq:LczJKVdD3GzqWTec4RcEq2i3euR/uzq
Score8/10-
Executes dropped EXE
-
Possible privilege escalation attempt
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Drops file in System32 directory
-