General
-
Target
28224b017582229e685adf5a585a8894d94cbdc673792c9545272b974daedd3a
-
Size
69KB
-
Sample
240309-z96j7sah63
-
MD5
748aaaf33c6c8889b363bcaff602b800
-
SHA1
d264de1f67f0ee7165cef3e887b6f8d24eca63e2
-
SHA256
28224b017582229e685adf5a585a8894d94cbdc673792c9545272b974daedd3a
-
SHA512
25d0421e8fec10af5f2959984ba8039c6e4fce128306b811114a4d8ab630ad8bc3f05343c6dbbe8688da958c978dcf2fe0c56fe59e69ee21b442b81b20559629
-
SSDEEP
768:xLzrPIsVU080KYmz/IfhX5GaeimBYsHotogR8ARwre7zgVqMNWcRFD7Dpz:lvU080dGSh4Fb08ATzgV5Wcz
Malware Config
Targets
-
-
Target
28224b017582229e685adf5a585a8894d94cbdc673792c9545272b974daedd3a
-
Size
69KB
-
MD5
748aaaf33c6c8889b363bcaff602b800
-
SHA1
d264de1f67f0ee7165cef3e887b6f8d24eca63e2
-
SHA256
28224b017582229e685adf5a585a8894d94cbdc673792c9545272b974daedd3a
-
SHA512
25d0421e8fec10af5f2959984ba8039c6e4fce128306b811114a4d8ab630ad8bc3f05343c6dbbe8688da958c978dcf2fe0c56fe59e69ee21b442b81b20559629
-
SSDEEP
768:xLzrPIsVU080KYmz/IfhX5GaeimBYsHotogR8ARwre7zgVqMNWcRFD7Dpz:lvU080dGSh4Fb08ATzgV5Wcz
Score9/10-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-