General
-
Target
2870998c5e9b853907fad77b6898533f
-
Size
15.9MB
-
Sample
231219-p196xsfdhn
-
MD5
2870998c5e9b853907fad77b6898533f
-
SHA1
f6158edc3e0f4f5557260253706e2d7281b43538
-
SHA256
ff775c181e9d9d4f1e56966171b8e9b55a24fdf93f73462bc3f98ff0a36d453d
-
SHA512
883531ed4d923ebc2c8e0868f1c1944420b6534e40bbc8602c5407767aca26d6f3a99ac473195bb4333342fbad009e8a3d111dc71e7cc2b140d800d678c95ac6
-
SSDEEP
393216:ug7uUg7uUg7uUg7uUg7uUg7uUg7uUg7uN:jSJSJSJSJSJSJSJSN
Malware Config
Targets
-
-
Target
2870998c5e9b853907fad77b6898533f
-
Size
15.9MB
-
MD5
2870998c5e9b853907fad77b6898533f
-
SHA1
f6158edc3e0f4f5557260253706e2d7281b43538
-
SHA256
ff775c181e9d9d4f1e56966171b8e9b55a24fdf93f73462bc3f98ff0a36d453d
-
SHA512
883531ed4d923ebc2c8e0868f1c1944420b6534e40bbc8602c5407767aca26d6f3a99ac473195bb4333342fbad009e8a3d111dc71e7cc2b140d800d678c95ac6
-
SSDEEP
393216:ug7uUg7uUg7uUg7uUg7uUg7uUg7uUg7uN:jSJSJSJSJSJSJSJSN
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-