General
-
Target
0add5a18e5bbd80a7bef02f7d6565137
-
Size
268KB
-
Sample
231230-cdgvmshhg8
-
MD5
0add5a18e5bbd80a7bef02f7d6565137
-
SHA1
1b5101da5f2546e5198476268d726adac8ddc4d5
-
SHA256
9ad77c2e0fc44a992b132cb699475fb9e8fecfb36195ef22e289097cb943d025
-
SHA512
3e2700cf3c38a932a305acd63c1e628b7d23d3c33b8605e57d11a8b99cb1e42be9ad6315ac21b2f9630ebf817799a72e9841e17acabe6eac82bc05153646aff8
-
SSDEEP
6144:0++nE8hM3kpMOMBFTB/8kfxR65adZwiMPKfjA8vFgW:/T18A1jfMifzvSW
Malware Config
Targets
-
-
Target
0add5a18e5bbd80a7bef02f7d6565137
-
Size
268KB
-
MD5
0add5a18e5bbd80a7bef02f7d6565137
-
SHA1
1b5101da5f2546e5198476268d726adac8ddc4d5
-
SHA256
9ad77c2e0fc44a992b132cb699475fb9e8fecfb36195ef22e289097cb943d025
-
SHA512
3e2700cf3c38a932a305acd63c1e628b7d23d3c33b8605e57d11a8b99cb1e42be9ad6315ac21b2f9630ebf817799a72e9841e17acabe6eac82bc05153646aff8
-
SSDEEP
6144:0++nE8hM3kpMOMBFTB/8kfxR65adZwiMPKfjA8vFgW:/T18A1jfMifzvSW
Score8/10-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-