General
-
Target
7b49a7999428556c109be5771dce3b2e
-
Size
455KB
-
Sample
240127-z1185adhfn
-
MD5
7b49a7999428556c109be5771dce3b2e
-
SHA1
2b539957e2c9720bfc1f4018448803f0399cb421
-
SHA256
7d01c814e4dc147036470e958c30ec7daa1a2140961e6865d0d6b2db40c66d46
-
SHA512
ab3e7fc465603c98b20a6e8bab8bb9af3c702b2992d24e437ee80b9e6b68fd7775e507df24bf39963368ad55d2f1ff1250b271d93784450ca68e3f238a0b60d6
-
SSDEEP
12288:tPUdz/leuYergLm9AhJ4rhFkpMMnMMMMME0bJvQI6xMdI0+6DtByCVwHM1a:tsN/leuZz8W7kpMMnMMMMME029s+6RwH
Malware Config
Targets
-
-
Target
7b49a7999428556c109be5771dce3b2e
-
Size
455KB
-
MD5
7b49a7999428556c109be5771dce3b2e
-
SHA1
2b539957e2c9720bfc1f4018448803f0399cb421
-
SHA256
7d01c814e4dc147036470e958c30ec7daa1a2140961e6865d0d6b2db40c66d46
-
SHA512
ab3e7fc465603c98b20a6e8bab8bb9af3c702b2992d24e437ee80b9e6b68fd7775e507df24bf39963368ad55d2f1ff1250b271d93784450ca68e3f238a0b60d6
-
SSDEEP
12288:tPUdz/leuYergLm9AhJ4rhFkpMMnMMMMME0bJvQI6xMdI0+6DtByCVwHM1a:tsN/leuZz8W7kpMMnMMMMME029s+6RwH
Score8/10-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-