General
-
Target
80aa65d5387e33a0910711329c4b690f0fb773fa7f89ce8b65b3baf68f1af1bf
-
Size
7.2MB
-
Sample
231114-r63p5sbg68
-
MD5
7d269f2a57045c92e965e1df8f45888a
-
SHA1
7aee0411dca787671da2bd27b6c3b43210ebe61e
-
SHA256
80aa65d5387e33a0910711329c4b690f0fb773fa7f89ce8b65b3baf68f1af1bf
-
SHA512
ca55b4bc1a9cf2ef48e2df1b053bbc9f7945c41d9c0ba1a0ce96798169ee552d82d526cda88055040937f37e902b58e815a9d23e7284da89cc1b13e032d0f9c4
-
SSDEEP
196608:xJlFhv7UOmCyb0An6pkgNRtP6hi1ahzBtjR7:PtTUOlybRnuTRtP6hiOPV
Malware Config
Targets
-
-
Target
80aa65d5387e33a0910711329c4b690f0fb773fa7f89ce8b65b3baf68f1af1bf
-
Size
7.2MB
-
MD5
7d269f2a57045c92e965e1df8f45888a
-
SHA1
7aee0411dca787671da2bd27b6c3b43210ebe61e
-
SHA256
80aa65d5387e33a0910711329c4b690f0fb773fa7f89ce8b65b3baf68f1af1bf
-
SHA512
ca55b4bc1a9cf2ef48e2df1b053bbc9f7945c41d9c0ba1a0ce96798169ee552d82d526cda88055040937f37e902b58e815a9d23e7284da89cc1b13e032d0f9c4
-
SSDEEP
196608:xJlFhv7UOmCyb0An6pkgNRtP6hi1ahzBtjR7:PtTUOlybRnuTRtP6hiOPV
Score8/10-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-