General
Target: 1ba82c9177b616ab8be2bf2dd8e7671035b16a0d5eba04e4cbb828d7992c99dc
Size: 268KB
Sample: 221207-dxfbladf9t
MD5: b040a3ea4d7ba5a239d32d2be562a392
SHA1: 848f6a506ac961519a90d02102f6fd43cdabdab8
SHA256: 1ba82c9177b616ab8be2bf2dd8e7671035b16a0d5eba04e4cbb828d7992c99dc
SHA512: 3d44d69221f7586ad1f2acf5ab1c2a8472a1ca6365b2fb0ec324450123a972987974deb613471034c4e4320671e589c916acd547492a01c54c12efd494994333
SSDEEP: 3072:1wgaPLh0xpuneIl6BjNlgnCW5tweOmJViklsKsJ5lB0e5/NhYrx5X7rZ6P47fJ:1weI8anCWcilu5lB08PY7X7rZ6s
Static task: static1

Behavioral task: behavioral1
Sample: 1ba82c9177b616ab8be2bf2dd8e7671035b16a0d5eba04e4cbb828d7992c99dc.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 1ba82c9177b616ab8be2bf2dd8e7671035b16a0d5eba04e4cbb828d7992c99dc.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 1ba82c9177b616ab8be2bf2dd8e7671035b16a0d5eba04e4cbb828d7992c99dc
Score: 10/10

Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.