General
-
Target
c857b44dd1ba38982a48c59472c3a31ab5ab2a510afb378d36c9381f4dfec618
-
Size
35KB
-
Sample
221206-wkcztaag38
-
MD5
1f12fbc653eb08f5069446cb015337ba
-
SHA1
8fdbf0028893113da3f7f279e6f02f06d5fd70cc
-
SHA256
c857b44dd1ba38982a48c59472c3a31ab5ab2a510afb378d36c9381f4dfec618
-
SHA512
d1926bad19c54a0a7c11681fb6f03db40e5359cbc5d8dc03b3cf5ec1173a3827d71abbba8021ce5b713137f7cc9fe111a44ee71eef502e5b1ed1523863125149
-
SSDEEP
768:34CRQMApypWh9FTzgWEbDkWlrTvYGBCgU:oNMA8UB+DkCrMGC
Malware Config
Targets
-
-
Target
c857b44dd1ba38982a48c59472c3a31ab5ab2a510afb378d36c9381f4dfec618
-
Size
35KB
-
MD5
1f12fbc653eb08f5069446cb015337ba
-
SHA1
8fdbf0028893113da3f7f279e6f02f06d5fd70cc
-
SHA256
c857b44dd1ba38982a48c59472c3a31ab5ab2a510afb378d36c9381f4dfec618
-
SHA512
d1926bad19c54a0a7c11681fb6f03db40e5359cbc5d8dc03b3cf5ec1173a3827d71abbba8021ce5b713137f7cc9fe111a44ee71eef502e5b1ed1523863125149
-
SSDEEP
768:34CRQMApypWh9FTzgWEbDkWlrTvYGBCgU:oNMA8UB+DkCrMGC
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-