General
-
Target
24f5f80d78b001f814311716863f7a98
-
Size
240KB
-
Sample
231225-rm6yfsabe6
-
MD5
24f5f80d78b001f814311716863f7a98
-
SHA1
3867cd0addd3282d2c735b1b14bd11be7ba93b07
-
SHA256
39b49a18f4eb462f4a063b0bf8517e6b34589fa2137b74529bb4c0d309f3e429
-
SHA512
2c73a397d3fc85d2173ea16a1725ea1de4beebd999376060fe487102df6f907d5f918e52861ccbd1aadf4317e6ef3456b8a2d867300c09513e6da59f568a28d1
-
SSDEEP
6144:8OI3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDh:8JdQKjeaEEpl
Malware Config
Targets
-
-
Target
24f5f80d78b001f814311716863f7a98
-
Size
240KB
-
MD5
24f5f80d78b001f814311716863f7a98
-
SHA1
3867cd0addd3282d2c735b1b14bd11be7ba93b07
-
SHA256
39b49a18f4eb462f4a063b0bf8517e6b34589fa2137b74529bb4c0d309f3e429
-
SHA512
2c73a397d3fc85d2173ea16a1725ea1de4beebd999376060fe487102df6f907d5f918e52861ccbd1aadf4317e6ef3456b8a2d867300c09513e6da59f568a28d1
-
SSDEEP
6144:8OI3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDh:8JdQKjeaEEpl
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-