General
-
Target
e55eb9843202d21f9b3a4b88c6ccfa107ebb73abad8a232a7bda8dc91d7eccb9
-
Size
93KB
-
Sample
221206-lslltafa83
-
MD5
16169a7ff4f0619b0e22df4313d993b0
-
SHA1
b9ef558d7b753a38d6b367d28d49e4fb9b5f2834
-
SHA256
e55eb9843202d21f9b3a4b88c6ccfa107ebb73abad8a232a7bda8dc91d7eccb9
-
SHA512
ed2850dce57ea1412e9753e0d5f89bb39c7e55a741b391eb2a24dd8cbc6ec8a39d5be07b8f843939ee7c94cced29604e195e01db4bbb5290201449a8edb256e3
-
SSDEEP
1536:JRVneKG3nVXyakJ+lZArw8j7B2NLe/2XjSXAVlyPh8HCeqQ/u:JRVngVAJ+lZArV3B2N6YjSXAPiKu
Malware Config
Targets
-
-
Target
e55eb9843202d21f9b3a4b88c6ccfa107ebb73abad8a232a7bda8dc91d7eccb9
-
Size
93KB
-
MD5
16169a7ff4f0619b0e22df4313d993b0
-
SHA1
b9ef558d7b753a38d6b367d28d49e4fb9b5f2834
-
SHA256
e55eb9843202d21f9b3a4b88c6ccfa107ebb73abad8a232a7bda8dc91d7eccb9
-
SHA512
ed2850dce57ea1412e9753e0d5f89bb39c7e55a741b391eb2a24dd8cbc6ec8a39d5be07b8f843939ee7c94cced29604e195e01db4bbb5290201449a8edb256e3
-
SSDEEP
1536:JRVneKG3nVXyakJ+lZArw8j7B2NLe/2XjSXAVlyPh8HCeqQ/u:JRVngVAJ+lZArV3B2N6YjSXAPiKu
Score8/10-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-