General
-
Target
aaf49267faf98902f9a8909128f231ee07c30a3be09f1902ae354bbd830f0b46
-
Size
650KB
-
Sample
221206-rmtm5ahf7y
-
MD5
a23c452d5384826a29fd7d53e3b4c683
-
SHA1
746c013184876080f219703c91b32af587f5acc1
-
SHA256
aaf49267faf98902f9a8909128f231ee07c30a3be09f1902ae354bbd830f0b46
-
SHA512
6cbbf8c3f7e32b0aeed1447f290842eaebf9e8f325517ed4e9d34d4aa56312c03c3cc1b5a563679554dfa8b383e8c36d7b0673f84d47113d52f47c0455623792
-
SSDEEP
12288:yKAwhYzoptIsfyd+D3wyDqOEdBWxBUkyei+ZE8McoZ:KAQyIs6d+3jHEdBWmJ+o/Z
Malware Config
Targets
-
-
Target
aaf49267faf98902f9a8909128f231ee07c30a3be09f1902ae354bbd830f0b46
-
Size
650KB
-
MD5
a23c452d5384826a29fd7d53e3b4c683
-
SHA1
746c013184876080f219703c91b32af587f5acc1
-
SHA256
aaf49267faf98902f9a8909128f231ee07c30a3be09f1902ae354bbd830f0b46
-
SHA512
6cbbf8c3f7e32b0aeed1447f290842eaebf9e8f325517ed4e9d34d4aa56312c03c3cc1b5a563679554dfa8b383e8c36d7b0673f84d47113d52f47c0455623792
-
SSDEEP
12288:yKAwhYzoptIsfyd+D3wyDqOEdBWxBUkyei+ZE8McoZ:KAQyIs6d+3jHEdBWmJ+o/Z
Score8/10-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-