General
-
Target
8d1dc53c355398e1cdff020fe8a8e993
-
Size
939KB
-
Sample
240203-xtncksgcb3
-
MD5
8d1dc53c355398e1cdff020fe8a8e993
-
SHA1
e1e73b78d47cb48cf3412c2aa3e7324e64f97eb8
-
SHA256
2670e495afec5ecfde3f614f64b6a18de2cf726ff593c553d83f6a37f577afab
-
SHA512
c8b256ab40f04d75d280a98983053eb7a92eda5287eb39c1ada6c1683e8c6006f284f5c229e5c89f1727796eaebc3053fc4e82ec0a83d44aadde58e7faaf703e
-
SSDEEP
12288:D8W6g06X0hbb7yt9WC9AVing1PCHKTsut/CAlPKGZ9fJyOq:Dfxkbb7ySIiTsut6lqfAOq
Malware Config
Targets
-
-
Target
8d1dc53c355398e1cdff020fe8a8e993
-
Size
939KB
-
MD5
8d1dc53c355398e1cdff020fe8a8e993
-
SHA1
e1e73b78d47cb48cf3412c2aa3e7324e64f97eb8
-
SHA256
2670e495afec5ecfde3f614f64b6a18de2cf726ff593c553d83f6a37f577afab
-
SHA512
c8b256ab40f04d75d280a98983053eb7a92eda5287eb39c1ada6c1683e8c6006f284f5c229e5c89f1727796eaebc3053fc4e82ec0a83d44aadde58e7faaf703e
-
SSDEEP
12288:D8W6g06X0hbb7yt9WC9AVing1PCHKTsut/CAlPKGZ9fJyOq:Dfxkbb7ySIiTsut6lqfAOq
Score8/10-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Molebox Virtualization software
Detects file using Molebox Virtualization software.
-
Drops file in System32 directory
-