General
-
Target
87bdb0a2b3efeb7dbbf36b7ff3eb5761.bin
-
Size
144KB
-
Sample
240203-c6kr1afbc6
-
MD5
87bdb0a2b3efeb7dbbf36b7ff3eb5761
-
SHA1
0ad7893f39aef48d8ff1eb9f14e6305f07f4a42f
-
SHA256
a835329d85cf0a2529ee48e6caa71ae8b2d7b374ef34eb92d4d2b8dc08c1b486
-
SHA512
ed0f5a3da64a122611a14051eb620bcfc5ce77d9d884fc54f7d6b6617bfb54613d9b2355911f2f024e5b3c4caaa254adba58f5512821a7eec7a825e914e01103
-
SSDEEP
3072:KhAMV3kvJoUv3+fMH9nwyIaozwi973Pe2a:KhzOIaywi973PH
Malware Config
Targets
-
-
Target
87bdb0a2b3efeb7dbbf36b7ff3eb5761.bin
-
Size
144KB
-
MD5
87bdb0a2b3efeb7dbbf36b7ff3eb5761
-
SHA1
0ad7893f39aef48d8ff1eb9f14e6305f07f4a42f
-
SHA256
a835329d85cf0a2529ee48e6caa71ae8b2d7b374ef34eb92d4d2b8dc08c1b486
-
SHA512
ed0f5a3da64a122611a14051eb620bcfc5ce77d9d884fc54f7d6b6617bfb54613d9b2355911f2f024e5b3c4caaa254adba58f5512821a7eec7a825e914e01103
-
SSDEEP
3072:KhAMV3kvJoUv3+fMH9nwyIaozwi973Pe2a:KhzOIaywi973PH
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-