General
-
Target
e17512e7361167f13914116399d133338b237ac9c906f36fd5fea98f3296519b
-
Size
58KB
-
Sample
221203-wzr3aahb51
-
MD5
9b70b385041c21d6862cddbdd4602140
-
SHA1
07ff685e2d8ff6d973ed76bfb5646e5535ebc5f7
-
SHA256
e17512e7361167f13914116399d133338b237ac9c906f36fd5fea98f3296519b
-
SHA512
310eb2bdafc2007ac57f48ff78cb844c9be1b758bc553e8f59954e055aed0619898ada83827e6a22b0e55bef2a19e9ac130257a9337cff6b7408ebe6fe25a64a
-
SSDEEP
1536:xuAjwXIgMVUPXAjBX1b1kVvigcrPSsZPzP:xgMUXANJ24lj
Malware Config
Targets
-
-
Target
e17512e7361167f13914116399d133338b237ac9c906f36fd5fea98f3296519b
-
Size
58KB
-
MD5
9b70b385041c21d6862cddbdd4602140
-
SHA1
07ff685e2d8ff6d973ed76bfb5646e5535ebc5f7
-
SHA256
e17512e7361167f13914116399d133338b237ac9c906f36fd5fea98f3296519b
-
SHA512
310eb2bdafc2007ac57f48ff78cb844c9be1b758bc553e8f59954e055aed0619898ada83827e6a22b0e55bef2a19e9ac130257a9337cff6b7408ebe6fe25a64a
-
SSDEEP
1536:xuAjwXIgMVUPXAjBX1b1kVvigcrPSsZPzP:xgMUXANJ24lj
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops file in System32 directory
-