General
-
Target
bb3656b49671c9923c0f285c90bec190
-
Size
17KB
-
Sample
240308-n8lb4afd8t
-
MD5
bb3656b49671c9923c0f285c90bec190
-
SHA1
9dc4e159e6fbc928648165fbeb17fe1e592941eb
-
SHA256
af8ce7d6f8adb48ce783e258af4b9bd73f743f5382d919226811a5e44c250cf5
-
SHA512
6a168f5c2565a62a48a164a3be23384dff308ab22129022dd6f321d6ce23e1c2e58bf6d24bdc37670d330f05496251dceb29425246b9eb4102d4b30d55249da9
-
SSDEEP
384:aHFs95wykcmZO2Zp+Nye8pqrmub8TyztsDN:aHicykoKK8o8TyJc
Malware Config
Targets
-
-
Target
bb3656b49671c9923c0f285c90bec190
-
Size
17KB
-
MD5
bb3656b49671c9923c0f285c90bec190
-
SHA1
9dc4e159e6fbc928648165fbeb17fe1e592941eb
-
SHA256
af8ce7d6f8adb48ce783e258af4b9bd73f743f5382d919226811a5e44c250cf5
-
SHA512
6a168f5c2565a62a48a164a3be23384dff308ab22129022dd6f321d6ce23e1c2e58bf6d24bdc37670d330f05496251dceb29425246b9eb4102d4b30d55249da9
-
SSDEEP
384:aHFs95wykcmZO2Zp+Nye8pqrmub8TyztsDN:aHicykoKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-