General
-
Target
5399a3a6f6287fff8b51c177a91aa657ffab454a6395536462d089cc98812feb
-
Size
260KB
-
Sample
221207-d323jseb8z
-
MD5
66331f84c70d82b15ca1fa94e6639fc4
-
SHA1
61863c6e0b1e4d5d3a7d6892cfccb014e3891c5a
-
SHA256
5399a3a6f6287fff8b51c177a91aa657ffab454a6395536462d089cc98812feb
-
SHA512
76a17d4a952ce09453b1ef6c6b910f70c08df52b3cc49d895e345243b0ef6c3a48c1d75e3f7f0365533f098315fcb9987bab496762e3f3e4e08acea8114c60ac
-
SSDEEP
3072:t2O3VL/B7nNKN+teXs4DuVDGh0/x4mJAxt1hEHDb0EuOW7MbVqGa3tTI/y:tTxNKN+tec5D/+mJAhhEHUjOW7MVE
Static task
static1
Behavioral task
behavioral1
Sample
5399a3a6f6287fff8b51c177a91aa657ffab454a6395536462d089cc98812feb.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5399a3a6f6287fff8b51c177a91aa657ffab454a6395536462d089cc98812feb.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
5399a3a6f6287fff8b51c177a91aa657ffab454a6395536462d089cc98812feb
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-