General
-
Target
6136405791b448627130a3c14d958d4e
-
Size
318KB
-
Sample
231226-krxr1sccaj
-
MD5
6136405791b448627130a3c14d958d4e
-
SHA1
a7ff7c6e1ceab4ed00465031a70dadfd9a884a52
-
SHA256
26b4807f6b44689ed7caead85d092c91b00f4ce97fbed2a6720611b160fdc5b4
-
SHA512
12f82684e2ed1933befcbf4f6148613161d943bb6df617b4834257d9e4979b87ed64ec14f8428895fb437c33a516e290b09717f67a99f3e9d95f79196c0179b5
-
SSDEEP
6144:toCb5nZUH7f1sWDJASCFGeV+TWWGt7Pz4D2mDmgw01ncbiA1JnlWhnT:KAZ211DebFtVixG1PMDPmg3ncbiI/WhT
Malware Config
Targets
-
-
Target
6136405791b448627130a3c14d958d4e
-
Size
318KB
-
MD5
6136405791b448627130a3c14d958d4e
-
SHA1
a7ff7c6e1ceab4ed00465031a70dadfd9a884a52
-
SHA256
26b4807f6b44689ed7caead85d092c91b00f4ce97fbed2a6720611b160fdc5b4
-
SHA512
12f82684e2ed1933befcbf4f6148613161d943bb6df617b4834257d9e4979b87ed64ec14f8428895fb437c33a516e290b09717f67a99f3e9d95f79196c0179b5
-
SSDEEP
6144:toCb5nZUH7f1sWDJASCFGeV+TWWGt7Pz4D2mDmgw01ncbiA1JnlWhnT:KAZ211DebFtVixG1PMDPmg3ncbiI/WhT
Score8/10-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-