General
-
Target
97c0d03a1d9982eb6f1258d19892ed89c556f7e21471068b204882f8d83864c9
-
Size
240KB
-
Sample
221203-x16gqscd8y
-
MD5
141d6b4d6271396294f6e991f9cc1c80
-
SHA1
44c9822c6a217b99fd795a8cc5c372ff0fe05ed3
-
SHA256
97c0d03a1d9982eb6f1258d19892ed89c556f7e21471068b204882f8d83864c9
-
SHA512
05e68dc2d3d6095228211a3b8846313e5fad0a7d7aa1a00f311c60fb0bd43b388244e54da716943de55da21194867e777f7ab7cbd269eaa9e507632575b0cb30
-
SSDEEP
3072:S1bNaDd7BtXTqWbsLi9+uCUPTkKGiNays/8WkfinSDFWgXfDCG:ANC1TqWU5uCozGiNaR/8Io1
Static task
static1
Behavioral task
behavioral1
Sample
97c0d03a1d9982eb6f1258d19892ed89c556f7e21471068b204882f8d83864c9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
97c0d03a1d9982eb6f1258d19892ed89c556f7e21471068b204882f8d83864c9.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
97c0d03a1d9982eb6f1258d19892ed89c556f7e21471068b204882f8d83864c9
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-