General
-
Target
947d24311ec499e1f242492d68eec29fb41de5b62dbb6a132297e6fb8763d043
-
Size
292KB
-
Sample
221204-acfvvadb2t
-
MD5
889f405295f41222d88fd5d75d4151ca
-
SHA1
0af2ac39fefc7105585ae28a51a9b4ff4dcb130c
-
SHA256
947d24311ec499e1f242492d68eec29fb41de5b62dbb6a132297e6fb8763d043
-
SHA512
dcd9c43bf5eb0175ac91179ce2bf29aca8e6551e9c93d57eb046b3d4aa00627e2a28897c82adf0b349403528307936d271c8c7b589b5055965adbd6395225298
-
SSDEEP
6144:ZkPeN8QRtvBUtqyFNLwSJrWPZxKBenJrYBHsgf0SoS:ZqeNhDpUtqyrMxnpJrMHlf0SoS
Malware Config
Targets
-
-
Target
947d24311ec499e1f242492d68eec29fb41de5b62dbb6a132297e6fb8763d043
-
Size
292KB
-
MD5
889f405295f41222d88fd5d75d4151ca
-
SHA1
0af2ac39fefc7105585ae28a51a9b4ff4dcb130c
-
SHA256
947d24311ec499e1f242492d68eec29fb41de5b62dbb6a132297e6fb8763d043
-
SHA512
dcd9c43bf5eb0175ac91179ce2bf29aca8e6551e9c93d57eb046b3d4aa00627e2a28897c82adf0b349403528307936d271c8c7b589b5055965adbd6395225298
-
SSDEEP
6144:ZkPeN8QRtvBUtqyFNLwSJrWPZxKBenJrYBHsgf0SoS:ZqeNhDpUtqyrMxnpJrMHlf0SoS
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-