General
-
Target
5d270c5f31a22248cc088654d6ea6f293d000e3780ed1d0e180ea005b6e120bd
-
Size
15.6MB
-
Sample
221210-j4e73afb45
-
MD5
2b0b6f7adb2c4f30a25aa73f19eb69de
-
SHA1
6856ec4a84ba879e8118bbe8fd89237f12977a7e
-
SHA256
5d270c5f31a22248cc088654d6ea6f293d000e3780ed1d0e180ea005b6e120bd
-
SHA512
4018b7127fe13b8f4ccfd4ad5ac842e4e56e2f4c8637cdaca34b614106724ba24c57d572e11643b89265cfbed128016edf60c0b823224d45004c82585e473b62
-
SSDEEP
393216:WiYKzJ17sYSuDHiW6NEhlYsZF07VmkNAPSEMSaYSwpCAIe:rVBFJD2olYsT0V3Nk/azC
Static task
static1
Malware Config
Targets
-
Babadeda Crypter
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-