General
-
Target
ef07bed27db0bf57e4925da43882ba3fb9434032a7336c1ae0b4b54feb3d8159
-
Size
260KB
-
Sample
221205-3sc34shc77
-
MD5
7ec2063afb1f8e74b287776689e36176
-
SHA1
41e6409b858cfd76223820434434b7e9363efbde
-
SHA256
ef07bed27db0bf57e4925da43882ba3fb9434032a7336c1ae0b4b54feb3d8159
-
SHA512
208df9374968f34add36339046404a979b65e1d7bbea00a9e0094255a26cbc4b7df1f4d414c3620ff8234e67d6a412a739809fec02207122c1d590d12e629783
-
SSDEEP
3072:t2eQZJ3mSh5eLM1ZcLSg797VWa4ipZHIfe6rdedUyZpiQ/VzEff7S5sW2hRwY:tam+o97npJL6gOyfdzEff7Sfm
Malware Config
Targets
-
-
Target
ef07bed27db0bf57e4925da43882ba3fb9434032a7336c1ae0b4b54feb3d8159
-
Size
260KB
-
MD5
7ec2063afb1f8e74b287776689e36176
-
SHA1
41e6409b858cfd76223820434434b7e9363efbde
-
SHA256
ef07bed27db0bf57e4925da43882ba3fb9434032a7336c1ae0b4b54feb3d8159
-
SHA512
208df9374968f34add36339046404a979b65e1d7bbea00a9e0094255a26cbc4b7df1f4d414c3620ff8234e67d6a412a739809fec02207122c1d590d12e629783
-
SSDEEP
3072:t2eQZJ3mSh5eLM1ZcLSg797VWa4ipZHIfe6rdedUyZpiQ/VzEff7S5sW2hRwY:tam+o97npJL6gOyfdzEff7Sfm
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-