General
-
Target
4974a5843021f6d8ab4bdc4794753b10aa473e5eebcafc4428182ce588987c8b
-
Size
28KB
-
Sample
221205-r5te3sab73
-
MD5
1e6b87a26e1b3b1a7fe22516c4e37a10
-
SHA1
c89f53315f10433fed6a14a8a7ad0fae1801ba73
-
SHA256
4974a5843021f6d8ab4bdc4794753b10aa473e5eebcafc4428182ce588987c8b
-
SHA512
20686c67d625a5094568a0721a7333dce77e442231fcd9f5f1a004b875dfd4ba1a635054173380bf1802a683ce57ae99fa7a5f44ab2f33eb67d23923c9172854
-
SSDEEP
768:ZY3hqiBHiLqvKLIXd8HXVEu5TWItW/vOa:mhsLi6IXdQEUWWKvOa
Malware Config
Targets
-
-
Target
4974a5843021f6d8ab4bdc4794753b10aa473e5eebcafc4428182ce588987c8b
-
Size
28KB
-
MD5
1e6b87a26e1b3b1a7fe22516c4e37a10
-
SHA1
c89f53315f10433fed6a14a8a7ad0fae1801ba73
-
SHA256
4974a5843021f6d8ab4bdc4794753b10aa473e5eebcafc4428182ce588987c8b
-
SHA512
20686c67d625a5094568a0721a7333dce77e442231fcd9f5f1a004b875dfd4ba1a635054173380bf1802a683ce57ae99fa7a5f44ab2f33eb67d23923c9172854
-
SSDEEP
768:ZY3hqiBHiLqvKLIXd8HXVEu5TWItW/vOa:mhsLi6IXdQEUWWKvOa
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-