General
-
Target
8ef2ad913e3efc852950f09f09d3ec58
-
Size
17KB
-
Sample
240204-mr5hzafec9
-
MD5
8ef2ad913e3efc852950f09f09d3ec58
-
SHA1
80feb07f5a08a60f2c27e8389aea884b2c465bdf
-
SHA256
e90252de478d935b84dd38320dea5d813e979ec3a144bb796ac0000c76671b41
-
SHA512
3435c8822e38fea3dc2fb2301ca43c021745f8be9fbff5f1532418d8c8d20f3eb4f245889a37e6a8fa38305295fcc4f11a82b6e1c7ce3223f2650bb20fd02aa5
-
SSDEEP
384:zFx6TXG4cmZO2Zp+Nye8pqrmub8TyztsDN:zfyG4oKK8o8TyJc
Malware Config
Targets
-
-
Target
8ef2ad913e3efc852950f09f09d3ec58
-
Size
17KB
-
MD5
8ef2ad913e3efc852950f09f09d3ec58
-
SHA1
80feb07f5a08a60f2c27e8389aea884b2c465bdf
-
SHA256
e90252de478d935b84dd38320dea5d813e979ec3a144bb796ac0000c76671b41
-
SHA512
3435c8822e38fea3dc2fb2301ca43c021745f8be9fbff5f1532418d8c8d20f3eb4f245889a37e6a8fa38305295fcc4f11a82b6e1c7ce3223f2650bb20fd02aa5
-
SSDEEP
384:zFx6TXG4cmZO2Zp+Nye8pqrmub8TyztsDN:zfyG4oKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-