General
-
Target
19b5299cb88a0be0067dc5f8f2f696c0
-
Size
392KB
-
Sample
231230-qjffnahgg8
-
MD5
19b5299cb88a0be0067dc5f8f2f696c0
-
SHA1
794be30505a11a18122097312ae1c9cb00d31729
-
SHA256
03f93022fb2cd2d28f5078aa09e73362cad1c43b9b5f9f728ece01f15ef13325
-
SHA512
88bc52860aeec3a55124db5d0d51e1b163eb5e030d8dcc3c9493c37c0a93c9d0c9b63fc05950b932f4022ff85da5621f1c5a3b3c38af245219eed355fbfb6757
-
SSDEEP
12288:Dr8mi+OQwrlULCS4cTqtMFWEacV3/sHEQ:HSrQIueSVqiFfaU
Static task
static1
Behavioral task
behavioral1
Sample
19b5299cb88a0be0067dc5f8f2f696c0.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
19b5299cb88a0be0067dc5f8f2f696c0.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
19b5299cb88a0be0067dc5f8f2f696c0
Score
8/10
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-