General
-
Target
b098df4234ad95199fee2618ce399387336bcd50e92ea7a5562e2a819b0cae52
-
Size
164KB
-
Sample
221203-y98twscg59
-
MD5
f304a558e5613165d14e4942f6605538
-
SHA1
bf640f47efb9cc81f0a9d94598e53cf7c313a0d2
-
SHA256
b098df4234ad95199fee2618ce399387336bcd50e92ea7a5562e2a819b0cae52
-
SHA512
b4b300e10c831178bb3eccc4d1ac4495d4d270b007878685280c2583ae31f5fff85a8b173576e851d3e01d7a06fcb18c9f0ad2c77181b5c5a5d5311a5f74829f
-
SSDEEP
768:BEQ1+NagWiudoQqr7VTUfbIyMLC6jpkU:qRNrWiXx6IyMLC62
Malware Config
Targets
-
-
Target
b098df4234ad95199fee2618ce399387336bcd50e92ea7a5562e2a819b0cae52
-
Size
164KB
-
MD5
f304a558e5613165d14e4942f6605538
-
SHA1
bf640f47efb9cc81f0a9d94598e53cf7c313a0d2
-
SHA256
b098df4234ad95199fee2618ce399387336bcd50e92ea7a5562e2a819b0cae52
-
SHA512
b4b300e10c831178bb3eccc4d1ac4495d4d270b007878685280c2583ae31f5fff85a8b173576e851d3e01d7a06fcb18c9f0ad2c77181b5c5a5d5311a5f74829f
-
SSDEEP
768:BEQ1+NagWiudoQqr7VTUfbIyMLC6jpkU:qRNrWiXx6IyMLC62
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-