General
-
Target
bd4b11e40d1ebd839d02e668c097f018
-
Size
80KB
-
Sample
240310-bsdabsgc56
-
MD5
bd4b11e40d1ebd839d02e668c097f018
-
SHA1
64bd5768eb0cfe54f9ffa8daef429ceb9879c235
-
SHA256
d3ac9178b6e07b4331c00abbbbc84d92731acf53332bb4986a14815d9e29dbcb
-
SHA512
842c8f5d49f597420e023050374b1754ea770fe589f131e247fa37b2d3734fa27f5cb6564b1fee52e110b35443a07266362a253695686faebcc3693853e545e6
-
SSDEEP
768:EyLwrBwCZM/gQUGHeBPY9ogmu3x88w9NtvDHvGk5Lak7R9uDNIXNldBkaQkTHxVX:HtLUKt3x899NtrOCrlXklgV
Malware Config
Targets
-
-
Target
bd4b11e40d1ebd839d02e668c097f018
-
Size
80KB
-
MD5
bd4b11e40d1ebd839d02e668c097f018
-
SHA1
64bd5768eb0cfe54f9ffa8daef429ceb9879c235
-
SHA256
d3ac9178b6e07b4331c00abbbbc84d92731acf53332bb4986a14815d9e29dbcb
-
SHA512
842c8f5d49f597420e023050374b1754ea770fe589f131e247fa37b2d3734fa27f5cb6564b1fee52e110b35443a07266362a253695686faebcc3693853e545e6
-
SSDEEP
768:EyLwrBwCZM/gQUGHeBPY9ogmu3x88w9NtvDHvGk5Lak7R9uDNIXNldBkaQkTHxVX:HtLUKt3x899NtrOCrlXklgV
Score8/10-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-