General
-
Target
3672f8238efaad24477335d9f8748e5df0e321cb4c8a86b95676263c59d0ed79
-
Size
312KB
-
Sample
221207-dxw94sbb68
-
MD5
f23af966ce03d383fe75b78460b9e622
-
SHA1
2056fb4c62fa8b01dc90dc85a21084a722c277fa
-
SHA256
3672f8238efaad24477335d9f8748e5df0e321cb4c8a86b95676263c59d0ed79
-
SHA512
078a4c57fb2dbcbaa7d9dc3b2ddac163acfbfee31c0cd5e81269e37cbe34395755d84206840d16dc1397943f9d1886ef578768597d26e781c21f8834faee2de7
-
SSDEEP
6144:EFrFO+BM7LIdvk9B1aKzhsMXcAxREoZPmbw0/8GHjTllRSxsn3B0OoepyYjHkRIE:qruB1aKzhsMXRxREUPmbxXv3BHBdjHCB
Malware Config
Targets
-
-
Target
3672f8238efaad24477335d9f8748e5df0e321cb4c8a86b95676263c59d0ed79
-
Size
312KB
-
MD5
f23af966ce03d383fe75b78460b9e622
-
SHA1
2056fb4c62fa8b01dc90dc85a21084a722c277fa
-
SHA256
3672f8238efaad24477335d9f8748e5df0e321cb4c8a86b95676263c59d0ed79
-
SHA512
078a4c57fb2dbcbaa7d9dc3b2ddac163acfbfee31c0cd5e81269e37cbe34395755d84206840d16dc1397943f9d1886ef578768597d26e781c21f8834faee2de7
-
SSDEEP
6144:EFrFO+BM7LIdvk9B1aKzhsMXcAxREoZPmbw0/8GHjTllRSxsn3B0OoepyYjHkRIE:qruB1aKzhsMXRxREUPmbxXv3BHBdjHCB
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-