General
-
Target
9a68120e811e8681ff5bf716a465fcb7
-
Size
476KB
-
Sample
240214-bnzyjade2z
-
MD5
9a68120e811e8681ff5bf716a465fcb7
-
SHA1
ace9c51554199cdd0a45d8cfb181cc4b01713a50
-
SHA256
e7b04cc88e4010b8cd5c570323677f5789ced9fdb46abf1bcdc618a846c98bba
-
SHA512
4820a35bdc594444129adf45bdd0dd54afda7a2de9144a44f83e3ee1b48c2796a7ff24559a7e9a16d0a629dac1d2836c34e6ca4e8cf359f83b96b81ced67be18
-
SSDEEP
12288:PRPq3pNUk7+2xObwM/XaLGuK4oXKTKHq0Hw:oMF/bwM/XkK4oae6
Static task
static1
Behavioral task
behavioral1
Sample
9a68120e811e8681ff5bf716a465fcb7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9a68120e811e8681ff5bf716a465fcb7.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
9a68120e811e8681ff5bf716a465fcb7
Score
8/10
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-