General
-
Target
06de733516b833c1c230325027409ebf
-
Size
125KB
-
Sample
231229-3ep6hshdb7
-
MD5
06de733516b833c1c230325027409ebf
-
SHA1
f44f19115c0da5df33a0e790a2f7256def8331ea
-
SHA256
bc45d1b39b5fe9d7797afe66163a70d94e3a8d97a5b247ea455b8da3bace51dd
-
SHA512
67631e2041b298e9dcb0872a88ca210dd1ce7ef3f9bcf9823acd1dbc6e9eae542c8af621f120659acc2a9fdbdd1f627652834f4e67c2cfda4d368834e8ce0716
-
SSDEEP
3072:JfwNYprucJtwDkLqIIrI9gJWf9Dn0MMf0MCclsf2yn:1xu8w4LqIIrDQ1QMMf0fAsf2c
Malware Config
Targets
-
-
Target
06de733516b833c1c230325027409ebf
-
Size
125KB
-
MD5
06de733516b833c1c230325027409ebf
-
SHA1
f44f19115c0da5df33a0e790a2f7256def8331ea
-
SHA256
bc45d1b39b5fe9d7797afe66163a70d94e3a8d97a5b247ea455b8da3bace51dd
-
SHA512
67631e2041b298e9dcb0872a88ca210dd1ce7ef3f9bcf9823acd1dbc6e9eae542c8af621f120659acc2a9fdbdd1f627652834f4e67c2cfda4d368834e8ce0716
-
SSDEEP
3072:JfwNYprucJtwDkLqIIrI9gJWf9Dn0MMf0MCclsf2yn:1xu8w4LqIIrDQ1QMMf0fAsf2c
Score8/10-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-