General
-
Target
dcfe076ac089afc0ceb4e72a109c007810f56c7eedbd6285d4fe15e8b23f79af
-
Size
352KB
-
Sample
221204-rnq9dsbd5w
-
MD5
c6c7a244a7b84ca1c39ff75ab67fb4ce
-
SHA1
96587a14d3aab06296cef886f4f38cb80e3f837a
-
SHA256
dcfe076ac089afc0ceb4e72a109c007810f56c7eedbd6285d4fe15e8b23f79af
-
SHA512
3d2725f90195bbf2a469c89d62b048dc9d40ccd6b4bd0f7e70412bbe494ab158a63fbcf2431ed9ac708327ffbd449639bfc8f8106b4dc400532b6d6574b4db7a
-
SSDEEP
6144:3ENWWi0N5mF1jRDrqL2nu1RIwaqpakE3u3fBzCeT3yt:U80N5w1Rpnk92j3GfBOeC
Malware Config
Targets
-
-
Target
dcfe076ac089afc0ceb4e72a109c007810f56c7eedbd6285d4fe15e8b23f79af
-
Size
352KB
-
MD5
c6c7a244a7b84ca1c39ff75ab67fb4ce
-
SHA1
96587a14d3aab06296cef886f4f38cb80e3f837a
-
SHA256
dcfe076ac089afc0ceb4e72a109c007810f56c7eedbd6285d4fe15e8b23f79af
-
SHA512
3d2725f90195bbf2a469c89d62b048dc9d40ccd6b4bd0f7e70412bbe494ab158a63fbcf2431ed9ac708327ffbd449639bfc8f8106b4dc400532b6d6574b4db7a
-
SSDEEP
6144:3ENWWi0N5mF1jRDrqL2nu1RIwaqpakE3u3fBzCeT3yt:U80N5w1Rpnk92j3GfBOeC
Score8/10-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-