General
-
Target
be5903721f12a958898ca4039988f128f63b37420d02227ccb28ac77657ae995
-
Size
11.7MB
-
Sample
231013-teqmlsdd38
-
MD5
fe5a4d2b381761d420987edcb22c2fb6
-
SHA1
8acbbd07976e2fbc80974567f88b988606ab651e
-
SHA256
be5903721f12a958898ca4039988f128f63b37420d02227ccb28ac77657ae995
-
SHA512
a3a01b48654a839de913e3d1d3555a02c28845e7e693744206048540f3e8cbb8aecead0898b1d3c93dfea46459a4f595c8f8af298bc61945cce473f7fcb3d4ac
-
SSDEEP
98304:+DGCo6cWy7JlG49hbzPvRhJBAUZLHlrPz4rbm:ueVTJVhf4K
Static task
static1
Behavioral task
behavioral1
Sample
be5903721f12a958898ca4039988f128f63b37420d02227ccb28ac77657ae995.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
be5903721f12a958898ca4039988f128f63b37420d02227ccb28ac77657ae995.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
be5903721f12a958898ca4039988f128f63b37420d02227ccb28ac77657ae995
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-