General
-
Target
8d24789b13d9188a9fd2e4d0f53ed9ea
-
Size
35KB
-
Sample
240203-x3nppsagdq
-
MD5
8d24789b13d9188a9fd2e4d0f53ed9ea
-
SHA1
d9f0cb558c3098b760c686655dfed63729a76988
-
SHA256
7de0b74e86ed6dd230d9fbb1097a3192ac0254c8bfaf8847d2e7317f5a93f458
-
SHA512
45e340d292cd1a2ae7456066b3ad9a2b9631d99eba06343248f2dd8c8400d75acb1d1c1d48978ea1c99db41700bc55d46e8f4e48c742fc451ccaff4dfb8780c2
-
SSDEEP
768:jJuE066/gtUFR53J5Ce7mvVb5GWn39FKIsXkMS0SDKwAmeOUe81vyVM:G67tUF/7C+mt9GW+IAJNSCzOUt1vyV
Static task
static1
Behavioral task
behavioral1
Sample
8d24789b13d9188a9fd2e4d0f53ed9ea.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8d24789b13d9188a9fd2e4d0f53ed9ea.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
8d24789b13d9188a9fd2e4d0f53ed9ea
-
Score
8/10
-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys to make their binary appear valid.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-