General
-
Target
49c04a5746d83d80e1e4826a2c881199
-
Size
140KB
-
Sample
231226-bzwp9abgck
-
MD5
49c04a5746d83d80e1e4826a2c881199
-
SHA1
3a293617b394a8ca13f9c4c87b44ed726decac51
-
SHA256
23e999dab7d23d0e9c6adb4441a60254e3b82f3d925eb846124fa36b7041cdeb
-
SHA512
b39f88978e7b66b83e89bc061c3811af9c8360c6001d1ee8ea3edf66ce91d81f58dbcf8c8d61c237adc408ac796a8f81cdea65a93aca87e0845daeaa7c06f1fa
-
SSDEEP
3072:+8oug6EUbaxv13wpUh2XZDutcHdVmn8+ro0e:+8Xg6Y13qdVy8+kj
Malware Config
Targets
-
-
Target
49c04a5746d83d80e1e4826a2c881199
-
Size
140KB
-
MD5
49c04a5746d83d80e1e4826a2c881199
-
SHA1
3a293617b394a8ca13f9c4c87b44ed726decac51
-
SHA256
23e999dab7d23d0e9c6adb4441a60254e3b82f3d925eb846124fa36b7041cdeb
-
SHA512
b39f88978e7b66b83e89bc061c3811af9c8360c6001d1ee8ea3edf66ce91d81f58dbcf8c8d61c237adc408ac796a8f81cdea65a93aca87e0845daeaa7c06f1fa
-
SSDEEP
3072:+8oug6EUbaxv13wpUh2XZDutcHdVmn8+ro0e:+8Xg6Y13qdVy8+kj
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-