General
-
Target
1f44ec0fff6011f81b714b7ed9d994a5
-
Size
175KB
-
Sample
231230-2zjnssahd8
-
MD5
1f44ec0fff6011f81b714b7ed9d994a5
-
SHA1
ce8d6fffa9fea047f0e513ecaded3baca8d47976
-
SHA256
574bb4c651fd5079be888c0dec03954ef0156f27e7bd6c5ea3051c94322d3bf6
-
SHA512
d81c2bb541519e338199fe68138710b1c909bb4fedec48e2fb26db3ae195b04acd7a7faa5a40ac2c4988771cff365206e47ebcda35fe2bb555304b125848ed25
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/D8CEqvLsDnF:gDCwfG1bnxL8ZqvQDnF
Malware Config
Targets
-
-
Target
1f44ec0fff6011f81b714b7ed9d994a5
-
Size
175KB
-
MD5
1f44ec0fff6011f81b714b7ed9d994a5
-
SHA1
ce8d6fffa9fea047f0e513ecaded3baca8d47976
-
SHA256
574bb4c651fd5079be888c0dec03954ef0156f27e7bd6c5ea3051c94322d3bf6
-
SHA512
d81c2bb541519e338199fe68138710b1c909bb4fedec48e2fb26db3ae195b04acd7a7faa5a40ac2c4988771cff365206e47ebcda35fe2bb555304b125848ed25
-
SSDEEP
3072:obpDCw1p3vmLvsZIaVwiwDcIbDHDCm/D8CEqvLsDnF:gDCwfG1bnxL8ZqvQDnF
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-