General
-
Target
1bdca6b0e741452a7ced41fb3b8c81c789593ba0ece88eaad66e9df3ac3a6743
-
Size
288KB
-
Sample
221207-d169gsea7s
-
MD5
e76f3d0e0e17bfd32a14fd72ec2533c5
-
SHA1
61a5e0a2a7ecdb283ebbdc53affd86e679a32eff
-
SHA256
1bdca6b0e741452a7ced41fb3b8c81c789593ba0ece88eaad66e9df3ac3a6743
-
SHA512
2dbd7fe79656f86c3a9e14d85ccdd86b179bc313e7896c4f62284daf84fc590cef8afb66e374d84a17f6b703845621bce9e4ddae25a1cdf56a0209a6216b4cc2
-
SSDEEP
3072:oIBUfumBl7lZKXxdyMDb7eOTcRLLQ9rkJCXTC/7ltZHP1ltZHP2YeHu:xS9TKBAMypLYaP7P2PH
Static task
static1
Behavioral task
behavioral1
Sample
1bdca6b0e741452a7ced41fb3b8c81c789593ba0ece88eaad66e9df3ac3a6743.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
1bdca6b0e741452a7ced41fb3b8c81c789593ba0ece88eaad66e9df3ac3a6743.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-