General
Target: 0874d77f9d19a2668da6e8a4ea44e5b2
Size: 203KB
Sample: 231224-vzzxfshedm
MD5: 0874d77f9d19a2668da6e8a4ea44e5b2
SHA1: 422955180edf85c8f28ae06fc84a7498613594d0
SHA256: d5685b7576875be2c14879906191e0817ff0fab11b0075d89a92445ad93c1191
SHA512: 590566d9466a4580595030a7bb2a16d28a962ed5b6c0ed7082f9308d27efae6fb41697281518b44efd83ab47be7da278f8c7eb3ba037092764730700e12bc5cd
SSDEEP: 3072:aVG6UVYxmJhU40XGRkTjuIWnGPDXHV0wcFS+p3z67C3gA2QQCTK8bOfbvp7EH/E7:yh17XtTKGPD10fFx3WbA23CNbOThIcWe
Static task: static1
Behavioral task: behavioral1
Sample: 0874d77f9d19a2668da6e8a4ea44e5b2.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 0874d77f9d19a2668da6e8a4ea44e5b2.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 0874d77f9d19a2668da6e8a4ea44e5b2
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
Suspicious use of SetThreadContext