General
Target: ce2b485a34700990ad14839073195b549c8965e629a06d17d85ee23a26a6fe16
Size: 140KB
Sample: 221203-xtfmqsgb78
MD5: aabe9822c341fca9116c13816d34e4d5
SHA1: ab4ff694e646db2275320cad3cf1f3b9cabf783e
SHA256: ce2b485a34700990ad14839073195b549c8965e629a06d17d85ee23a26a6fe16
SHA512: ba8086c98852447f270f3d25ca9f2247cb01307d1fd42eab0e20ee5143811fa67af6ce5c718b8ae48b729fd99b7835e581f3f587177d9600077bdc8680e4c2cf
SSDEEP: 3072:riCi2+6CXfCZAyJH1i1uzt9E5j4oQYn3C:OsMPe8KAdx
Static task: static1
Behavioral task: behavioral1
  Sample: ce2b485a34700990ad14839073195b549c8965e629a06d17d85ee23a26a6fe16.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: ce2b485a34700990ad14839073195b549c8965e629a06d17d85ee23a26a6fe16.exe
  Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application