General
-
Target
6234ef67435dfcb65bd661b5f3bb0b77b82fe6cdd2109b6dfb9dea1b65a17d5d.iso
-
Size
59.4MB
-
Sample
230404-hzalcafc71
-
MD5
2cd04d9e11c6e458ec16db1ab810d625
-
SHA1
2d9b50e28864ae47786b3f6bcb2e7218aed2d7df
-
SHA256
6234ef67435dfcb65bd661b5f3bb0b77b82fe6cdd2109b6dfb9dea1b65a17d5d
-
SHA512
c5048a55d98714693a6da193df19566958058eaa60760379d2b58a9bf81ac7c7b08298a77630fb51097de723d324400ae1b2af3cf8af210c6a002f09a2daa64c
-
SSDEEP
3072:LGV7bXhPYf+Fsa9HAPFVCDRgziNmFVCDRgziN9k9:uXhPYssa9yCDCO8CDCOLk9
Static task
static1
Behavioral task
behavioral1
Sample
북 외교관 선발파견 및 해외공관.lnk
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
북 외교관 선발파견 및 해외공관.lnk
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
북한외교정책결정과정.lnk
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
북한외교정책결정과정.lnk
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
북 외교관 선발파견 및 해외공관.lnk
-
Size
29.7MB
-
MD5
657fd7317ccde5a0e0c182a626951a9f
-
SHA1
edb782f50c899555506150e097f6346deb3f6fb1
-
SHA256
c5c05f9df89fc803884fed2bd20a3824eae95eeb34a1827bf5210e4ac17beadd
-
SHA512
4ee451076b5adaae332d64559cae16482f6d2fd30292f50dbe9d21a7030621e71fe119b6532ec6a7ac1ef6c37e022dbea648db268bdfeb2bbabec281b03ec29e
-
SSDEEP
1536:f8hPldX8h7lPA7X2vmVMlMVMlcPYf+a+NsAJ93:fGV7bXhPYf+Fsa93
Score
8/10
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Target
북한외교정책결정과정.lnk
-
Size
29.7MB
-
MD5
be32725e676d49eaa11ff51c61f18907
-
SHA1
37ee57a1097bbacbece974653c0ec435ee19b4f3
-
SHA256
479894be4c5dec0992ad3c5b21fb1423643996d80d59dcca76386bb325dc811e
-
SHA512
f65a64a2934659cf7c5b58b37708011f8cfed60c5fdcb226159d3b9bcba8d551149a1769ae10486c4f33452e87261e884830be22474d10ffe8da1362b9ffeddf
-
SSDEEP
1536:fAJ+YScrgY3VAmoxV9RUDCcilpZLm+YScbgY3VAmoxV9RUDCcilpZL9yJ9P:fAPFVCDRgziNmFVCDRgziN9k9P
Score
8/10
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-