General
-
Target
9c733a54f4d70c1e2278e1376ccbc4d61dfdab8bab6d88bac81d9f45106c1db1
-
Size
296KB
-
Sample
221205-me9bdsed2w
-
MD5
1b33e6b6432c0101919da1186ab13e50
-
SHA1
9abcbc00ef510e41c941223f8039059cf75a980b
-
SHA256
9c733a54f4d70c1e2278e1376ccbc4d61dfdab8bab6d88bac81d9f45106c1db1
-
SHA512
98eb1de0aa3c598ea0c1553436740e52c62acc3010b1cf6c9279bdf24b5ea80d6163d02cdf001cebc240fb16952dfe8a548027602022e8215b8f183edf739044
-
SSDEEP
6144:5/qRpYmR7qZ1R26ULRdSJz8qbtFibPGXs:5/727qZ1JU9dSJz8qbmLG
Static task
static1
Behavioral task
behavioral1
Sample
9c733a54f4d70c1e2278e1376ccbc4d61dfdab8bab6d88bac81d9f45106c1db1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
9c733a54f4d70c1e2278e1376ccbc4d61dfdab8bab6d88bac81d9f45106c1db1.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
9c733a54f4d70c1e2278e1376ccbc4d61dfdab8bab6d88bac81d9f45106c1db1
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-