General
-
Target
dobrota.exe
-
Size
7.7MB
-
Sample
230203-qch8zafd87
-
MD5
c8b999419a3c103270290e99189f794c
-
SHA1
90148745b61d2c77c1694e43f11faaa9a3d05a0a
-
SHA256
9093ff3bc7e78cfe84cadc3a993eeb1c15ce497e94efdcf51c1adcafd0aedf18
-
SHA512
6e95c693eef199c511c81052b1b4e9bdbd94bcd2fee2b16660ece026e86e3535c2389fe91049407842c2cad81ab9f0521865edb28708f961d804f32111d4c47c
-
SSDEEP
98304:JJx19RrCwXU7tTao36KJt6Oe2NhqCZao4+Axhy4V7FLEMUH82Z3dFRsFVsKtOepA:9thk7IInbrIh17FFWZnR0VsAHndDNE
Malware Config
Targets
-
-
Target
dobrota.exe
-
Size
7.7MB
-
MD5
c8b999419a3c103270290e99189f794c
-
SHA1
90148745b61d2c77c1694e43f11faaa9a3d05a0a
-
SHA256
9093ff3bc7e78cfe84cadc3a993eeb1c15ce497e94efdcf51c1adcafd0aedf18
-
SHA512
6e95c693eef199c511c81052b1b4e9bdbd94bcd2fee2b16660ece026e86e3535c2389fe91049407842c2cad81ab9f0521865edb28708f961d804f32111d4c47c
-
SSDEEP
98304:JJx19RrCwXU7tTao36KJt6Oe2NhqCZao4+Axhy4V7FLEMUH82Z3dFRsFVsKtOepA:9thk7IInbrIh17FFWZnR0VsAHndDNE
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-