General
-
Target
21883cc1039330f2ae1b3c61f288b9f7525bd17418c91c852e5cf4549364c6f7
-
Size
129KB
-
Sample
221205-s1cgfafh2x
-
MD5
9f6f1df5451ef01f7266a090af4a7817
-
SHA1
0cd330975c208303423a49c6002afffbb2aa49c0
-
SHA256
21883cc1039330f2ae1b3c61f288b9f7525bd17418c91c852e5cf4549364c6f7
-
SHA512
6d88aee4b1b4f21e5fa17316a83a5cf92228c2a4067bdd17c199711837161a44c971ff55fd44b952730fc47fc9064b8a5c1d61adb1f851bc35e83acb322fda39
-
SSDEEP
3072:pR46Yppf9OWiC4+oLi8YW313b/cB8yL1V3mTI2IOGjJmgDpvP2s4rjP:pR46Yppf9OWiC4+oLiqcmyCTI2IOGdpC
Malware Config
Targets
-
-
Target
21883cc1039330f2ae1b3c61f288b9f7525bd17418c91c852e5cf4549364c6f7
-
Size
129KB
-
MD5
9f6f1df5451ef01f7266a090af4a7817
-
SHA1
0cd330975c208303423a49c6002afffbb2aa49c0
-
SHA256
21883cc1039330f2ae1b3c61f288b9f7525bd17418c91c852e5cf4549364c6f7
-
SHA512
6d88aee4b1b4f21e5fa17316a83a5cf92228c2a4067bdd17c199711837161a44c971ff55fd44b952730fc47fc9064b8a5c1d61adb1f851bc35e83acb322fda39
-
SSDEEP
3072:pR46Yppf9OWiC4+oLi8YW313b/cB8yL1V3mTI2IOGjJmgDpvP2s4rjP:pR46Yppf9OWiC4+oLiqcmyCTI2IOGdpC
Score8/10-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-