General
-
Target
betav6_2.zip
-
Size
735KB
-
Sample
240123-syya5abfak
-
MD5
cd2bb9857320b4a4f8616d3efe956823
-
SHA1
a7e0809e4475257fda01291a27ff1207a996a185
-
SHA256
3d16c0b2b646b27b4c97e8faf25cc0fb6163be6c8a06052e35c871ecdc1a2e0b
-
SHA512
8a8e3d27a344203f47133af92c997a27d236e472e167dd246e97ce82613d8e481e6f16bce74d5aa48032585602c6969c782d22d780308e0fec4801ca07233d3c
-
SSDEEP
12288:ldYUdLAZAJa2h9j8vAXKb7LGme6f2PyWRq7oGLslRZJbEqFQn9ZjOwK0lu:lRsAk2CIKPW6f2aJoKAvFQnPLK0Y
Malware Config
Targets
-
-
Target
betav6_2.zip
-
Size
735KB
-
MD5
cd2bb9857320b4a4f8616d3efe956823
-
SHA1
a7e0809e4475257fda01291a27ff1207a996a185
-
SHA256
3d16c0b2b646b27b4c97e8faf25cc0fb6163be6c8a06052e35c871ecdc1a2e0b
-
SHA512
8a8e3d27a344203f47133af92c997a27d236e472e167dd246e97ce82613d8e481e6f16bce74d5aa48032585602c6969c782d22d780308e0fec4801ca07233d3c
-
SSDEEP
12288:ldYUdLAZAJa2h9j8vAXKb7LGme6f2PyWRq7oGLslRZJbEqFQn9ZjOwK0lu:lRsAk2CIKPW6f2aJoKAvFQnPLK0Y
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-