General
-
Target
a0b5fa8e5bd46df2a63dad06baad3f4c606903e5791347418b26c8cfb7807bfb
-
Size
224KB
-
Sample
221207-d3rxkseb7t
-
MD5
1ef50615658ab036766497e6f3b3509b
-
SHA1
7c4accc29d9a4104e675774da710e08fc90c6752
-
SHA256
a0b5fa8e5bd46df2a63dad06baad3f4c606903e5791347418b26c8cfb7807bfb
-
SHA512
5c6c2d49d5dadb6981a1bf4d2ca5f8b299cf0e4705312aefd0e07791da554df3eda0cf3f1371eda4556103bd2de46091f26e2bca0e01b15fcf45b16beec765a2
-
SSDEEP
3072:sRJ8SkLNzq4ZA4j88xrqzojYvebJNCpdAI9mifH6x0cd+44:sRxSs4K4j88xrqzKYmXCDjfHu0x
Malware Config
Targets
-
-
Target
a0b5fa8e5bd46df2a63dad06baad3f4c606903e5791347418b26c8cfb7807bfb
-
Size
224KB
-
MD5
1ef50615658ab036766497e6f3b3509b
-
SHA1
7c4accc29d9a4104e675774da710e08fc90c6752
-
SHA256
a0b5fa8e5bd46df2a63dad06baad3f4c606903e5791347418b26c8cfb7807bfb
-
SHA512
5c6c2d49d5dadb6981a1bf4d2ca5f8b299cf0e4705312aefd0e07791da554df3eda0cf3f1371eda4556103bd2de46091f26e2bca0e01b15fcf45b16beec765a2
-
SSDEEP
3072:sRJ8SkLNzq4ZA4j88xrqzojYvebJNCpdAI9mifH6x0cd+44:sRxSs4K4j88xrqzKYmXCDjfHu0x
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-