General
Target: 10321bb0c7498e9089238952368bf2aa
Size: 124KB
Sample: 231225-jqg5hagbh3
MD5: 10321bb0c7498e9089238952368bf2aa
SHA1: 690eac3e29969ca7189febc3bb4c2137777e2cd1
SHA256: aec1e8a1c3ec05112bf48b4c4e49ffdf1af13a882b819cc469e00c96257987b5
SHA512: 4e3b5e6d0c8ac312cd41e62481f75a968272e1f10db5692f5ea60e839bfb0927a5112feaf549302d376fc53bcff8d95964a68cea8db8f36c1045d4b78e34d58b
SSDEEP: 3072:/l0img13tG90HdQ3SqtRaAUjfdaBdE3SrmnbmO2M41Mmz:/ljpD9Q3TtRq7Unrwy1Mmz
Static task: static1
Behavioral task: behavioral1
Sample: GOLAYA-PHOTO.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: GOLAYA-PHOTO.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: GOLAYA-PHOTO.exe
Size: 238KB
MD5: 466171c86c39f1266019f1386b78ad45
SHA1: cf50984c43232cffb00e181597be92b5a118c65e
SHA256: af2f6bc331ddbf6401b342e21947f949a92143d7f8dea3e6a1dcefca18bcefb2
SHA512: 162f43193b6e387ae9bbe77b099d62ad473f47b7dbfddb8e94fe75b3b7003035dadd9bb2e7069e8009eba74a6206784f54999f29ff5ea5a7463b086382018b4b
SSDEEP: 3072:QBAp5XhKpN4eOyVTGfhEClj8jTk+0h5TlWnC+Cgw5CKHG:HbXE9OiTGfhEClq9IlWzJJUG
Score: 8/10
Blocklisted process makes network request
Drops file in Drivers directory
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.