General
-
Target
b88332d4a047eadf082fe707a40b679d
-
Size
17KB
-
Sample
240307-mhvbmshb86
-
MD5
b88332d4a047eadf082fe707a40b679d
-
SHA1
9db64e4764b9ba65e2be9eefea3d0eb3fd464d9a
-
SHA256
d952036bf069e81f2bc615fa074360682c66ee6bd6ca66bfb38b67b34633db84
-
SHA512
ab2485e7e87634f37929a8f3cfd244fd4dd2e1a85b4e3b2efba92259896b12cf164af82b0c443a368315cb698bf13ce0f9bd8779b6d7baf46488e86ae5b99723
-
SSDEEP
384:QFq8owoslYcmZO2Zp+Nye8pqrmub8TyztsDN:QYAVlYoKK8o8TyJc
Malware Config
Targets
-
-
Target
b88332d4a047eadf082fe707a40b679d
-
Size
17KB
-
MD5
b88332d4a047eadf082fe707a40b679d
-
SHA1
9db64e4764b9ba65e2be9eefea3d0eb3fd464d9a
-
SHA256
d952036bf069e81f2bc615fa074360682c66ee6bd6ca66bfb38b67b34633db84
-
SHA512
ab2485e7e87634f37929a8f3cfd244fd4dd2e1a85b4e3b2efba92259896b12cf164af82b0c443a368315cb698bf13ce0f9bd8779b6d7baf46488e86ae5b99723
-
SSDEEP
384:QFq8owoslYcmZO2Zp+Nye8pqrmub8TyztsDN:QYAVlYoKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-