General
-
Target
VirusShare_f24a807d36482d76272ba9422a4def70
-
Size
140KB
-
Sample
240204-trq4xaeae2
-
MD5
f24a807d36482d76272ba9422a4def70
-
SHA1
f68b980514a5cfea35963ad94b9fc221b9e0faf0
-
SHA256
2e264bd682fca0ea14723e9833c59f54483f46cf7e19b1330681ea180dda3518
-
SHA512
c7b67712ff10e3564afb06b2884988570584812e3e5c756edea1d1726e541a6a84ac1e9635cde3b3cefc7f8282d50c4fd2164217341c4f04512347494db53a8e
-
SSDEEP
1536:7Cmc5/kaYG7J68liPnFzaNn3BvzOtwuToNVZHY91EJsTDmQlyPTXJbiTQVGCwE9p:73c5/WPFze1Stw/VymQcPTMTRJo
Malware Config
Targets
-
-
Target
VirusShare_f24a807d36482d76272ba9422a4def70
-
Size
140KB
-
MD5
f24a807d36482d76272ba9422a4def70
-
SHA1
f68b980514a5cfea35963ad94b9fc221b9e0faf0
-
SHA256
2e264bd682fca0ea14723e9833c59f54483f46cf7e19b1330681ea180dda3518
-
SHA512
c7b67712ff10e3564afb06b2884988570584812e3e5c756edea1d1726e541a6a84ac1e9635cde3b3cefc7f8282d50c4fd2164217341c4f04512347494db53a8e
-
SSDEEP
1536:7Cmc5/kaYG7J68liPnFzaNn3BvzOtwuToNVZHY91EJsTDmQlyPTXJbiTQVGCwE9p:73c5/WPFze1Stw/VymQcPTMTRJo
Score9/10-
UPX dump on OEP (original entry point)
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-