General
-
Target
8e4052aa7e35fcc5cd81b062a9ad2f1a
-
Size
292KB
-
Sample
240204-ffaqwshgh9
-
MD5
8e4052aa7e35fcc5cd81b062a9ad2f1a
-
SHA1
d6dfac9337190995240b5b29a0b781d55794958b
-
SHA256
78e5a7d5cb1f0a7847e0e84eaad344a47592ae2ac2ea852cb314ab521458b7fe
-
SHA512
ce1920afd0b8425ade42b35725dd358d1ff58fd18b847d51dee1f43d4ab4b27c0cf3ad93b75e30bac4c1658200e5253602eb8524ee44a38448ea58f17d4246de
-
SSDEEP
6144:LJwlRfDX0WezfhNgcdVden2/s58bC90Lsj+2IgT:LiXEWezZNgcd+nz90Qsg
Malware Config
Targets
-
-
Target
8e4052aa7e35fcc5cd81b062a9ad2f1a
-
Size
292KB
-
MD5
8e4052aa7e35fcc5cd81b062a9ad2f1a
-
SHA1
d6dfac9337190995240b5b29a0b781d55794958b
-
SHA256
78e5a7d5cb1f0a7847e0e84eaad344a47592ae2ac2ea852cb314ab521458b7fe
-
SHA512
ce1920afd0b8425ade42b35725dd358d1ff58fd18b847d51dee1f43d4ab4b27c0cf3ad93b75e30bac4c1658200e5253602eb8524ee44a38448ea58f17d4246de
-
SSDEEP
6144:LJwlRfDX0WezfhNgcdVden2/s58bC90Lsj+2IgT:LiXEWezZNgcd+nz90Qsg
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-