General
-
Target
abd44900f4996a2be5d14216b57d8940655783813324ba043167161ed62c393b
-
Size
29KB
-
Sample
221203-s1hy8acg54
-
MD5
cb89fe4ee9c0ccde479e9d875fdbaf09
-
SHA1
83dfafed2b624c91aab0519b9581819ccd6f2a10
-
SHA256
abd44900f4996a2be5d14216b57d8940655783813324ba043167161ed62c393b
-
SHA512
d9c787dd2b1c60da287bb1209b8693b5d68f8f9d3957727bc92e0ded64acd04f340bb0681f8134a0f405e80c963691615a2504856fb2a1c71d33e6654abb6f3e
-
SSDEEP
384:vv9j/XB736by+T9wQpZTvZoQiHoB6dLmdIum8FqXcfLc5IxmyObX5zvasZszpobr:vF5AyS3vZoBHoB6/uml6elLCtJTu7
Malware Config
Targets
-
-
Target
abd44900f4996a2be5d14216b57d8940655783813324ba043167161ed62c393b
-
Size
29KB
-
MD5
cb89fe4ee9c0ccde479e9d875fdbaf09
-
SHA1
83dfafed2b624c91aab0519b9581819ccd6f2a10
-
SHA256
abd44900f4996a2be5d14216b57d8940655783813324ba043167161ed62c393b
-
SHA512
d9c787dd2b1c60da287bb1209b8693b5d68f8f9d3957727bc92e0ded64acd04f340bb0681f8134a0f405e80c963691615a2504856fb2a1c71d33e6654abb6f3e
-
SSDEEP
384:vv9j/XB736by+T9wQpZTvZoQiHoB6dLmdIum8FqXcfLc5IxmyObX5zvasZszpobr:vF5AyS3vZoBHoB6/uml6elLCtJTu7
Score10/10-
UAC bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-