General
Target: abfacdee11ab51ede3008294a22f7ae135d3c36ee16da784ccb9f1a060a62a34
Size: 674KB
Sample: 221205-la9kxseg36
MD5: 8a88d8b46021e75033ba64fed8f8867d
SHA1: 9d2fe622e2f0f11dd33fcbf7cf97c4ec9e0d5ded
SHA256: abfacdee11ab51ede3008294a22f7ae135d3c36ee16da784ccb9f1a060a62a34
SHA512: 8c15e9d4962544918a9b2b47f754495b6862bfe86f5585d29c7c31080dbd46b1e1fb3e364a8205c6cc714293bd9724d013120fe824faf256842de42a08ea8fd8
SSDEEP: 12288:sYqjKYcL/7cLvtXTyX0ZbBkYXGv3OAr9l/QXYEZuEs60exoxwYUYr19ZTFjYs43J:wSX0N1IEc46xUYr1pjAd
Static task: static1
Behavioral task: behavioral1
Sample: abfacdee11ab51ede3008294a22f7ae135d3c36ee16da784ccb9f1a060a62a34.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: abfacdee11ab51ede3008294a22f7ae135d3c36ee16da784ccb9f1a060a62a34.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 10/10
Modifies firewall policy service
Adds policy Run key to start application
Executes dropped EXE
Modifies Installed Components in the registry
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext