General
-
Target
466dac862ccd5716b514daa8f627fda3
-
Size
123KB
-
Sample
240106-rgv9rshher
-
MD5
466dac862ccd5716b514daa8f627fda3
-
SHA1
03dc69670ee7ca69ea7f260e4b242d30525323ad
-
SHA256
de3080f76d516c74362d92f4cf70bfb51e85104aa1c12c8015393cea4145e128
-
SHA512
a1711a1df8e72b88a54211d259d10c61ceeea7373b7a3fbd3779ea963111f507bfd2a31bc601e07d181255da09e92b50d974a8b6fd852cf693339455b6a0a4f9
-
SSDEEP
3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLdun4OHDA:OVYrJrOSsRwcpPelE
Malware Config
Targets
-
-
Target
466dac862ccd5716b514daa8f627fda3
-
Size
123KB
-
MD5
466dac862ccd5716b514daa8f627fda3
-
SHA1
03dc69670ee7ca69ea7f260e4b242d30525323ad
-
SHA256
de3080f76d516c74362d92f4cf70bfb51e85104aa1c12c8015393cea4145e128
-
SHA512
a1711a1df8e72b88a54211d259d10c61ceeea7373b7a3fbd3779ea963111f507bfd2a31bc601e07d181255da09e92b50d974a8b6fd852cf693339455b6a0a4f9
-
SSDEEP
3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLdun4OHDA:OVYrJrOSsRwcpPelE
Score8/10-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-