General
-
Target
50718e9347cf2d29d0b48529fbfc25e57a58fff7ae64c7c1bbde28d9a1cdd5c8
-
Size
220KB
-
Sample
221204-p6jk6aeg2z
-
MD5
a5b0e92b1b747f414a537db898b335d0
-
SHA1
b6ad79bcc29e96aa3338ab06b9610491736318bf
-
SHA256
50718e9347cf2d29d0b48529fbfc25e57a58fff7ae64c7c1bbde28d9a1cdd5c8
-
SHA512
57bb29206f48856fc23a02eb85a8bc08ad460dde82adb1f2e572912b9ed72fa1fc461bcdcbc4fcae57c58424fd2be77737551ae42b1474c4dbaff056a81cc150
-
SSDEEP
3072:vo8L5tpV+CSA1AAPoCpxW5ATBfUNvS1svkTVC9FieYTTLprx/m3qT4S826guKqhG:htpvoCpcNK1jQdiF
Malware Config
Targets
-
-
Target
50718e9347cf2d29d0b48529fbfc25e57a58fff7ae64c7c1bbde28d9a1cdd5c8
-
Size
220KB
-
MD5
a5b0e92b1b747f414a537db898b335d0
-
SHA1
b6ad79bcc29e96aa3338ab06b9610491736318bf
-
SHA256
50718e9347cf2d29d0b48529fbfc25e57a58fff7ae64c7c1bbde28d9a1cdd5c8
-
SHA512
57bb29206f48856fc23a02eb85a8bc08ad460dde82adb1f2e572912b9ed72fa1fc461bcdcbc4fcae57c58424fd2be77737551ae42b1474c4dbaff056a81cc150
-
SSDEEP
3072:vo8L5tpV+CSA1AAPoCpxW5ATBfUNvS1svkTVC9FieYTTLprx/m3qT4S826guKqhG:htpvoCpcNK1jQdiF
Score10/10-
Modifies system executable filetype association
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-