General
-
Target
241e5359f1f2356a1869422fce8ea2f2
-
Size
487KB
-
Sample
231219-prw8pschhr
-
MD5
241e5359f1f2356a1869422fce8ea2f2
-
SHA1
a4c10304251f92f8083aa20aeb3f801cbe5f309f
-
SHA256
fb232007446a953176928d202fdc83257ad9a1bc220a35074fa9896fed0184d6
-
SHA512
ba86878045339743513d04193904eb8828fc66930ef437b1adb5515763f14244778050374e5060dc25acab90ddb4c3e076aa69a0dfd45fcf76e7edc35ec5ee4b
-
SSDEEP
6144:MZ05JxgT5XP3cqNFj7JDLtjkIbGZ05b5g5g5rZ05JxgT5XP3cqNFj7JDLtjkIb:Mm6P3cqNDLgGm6P3cqNDL
Static task
static1
Behavioral task
behavioral1
Sample
241e5359f1f2356a1869422fce8ea2f2.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
241e5359f1f2356a1869422fce8ea2f2.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
241e5359f1f2356a1869422fce8ea2f2
-
Score
8/10
-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-