General
-
Target
7e45cffae2ee79e217b237857767063deaf0e667520beb2f659712d82fcbf069
-
Size
204KB
-
Sample
240314-zths7shb49
-
MD5
4216cc72d3c7854dba686050a331a649
-
SHA1
fc6d7e574d946a7af84f506a43d2990c01df3ea3
-
SHA256
7e45cffae2ee79e217b237857767063deaf0e667520beb2f659712d82fcbf069
-
SHA512
d0e8cb0d8298fb1ddf5b9d4f1c54948d89696d0476947b4a7da29c5361fc582e9bfa773f5c191ed4affcc4f479ecb430778fd75d6c4f085ea6796fdc28b17e03
-
SSDEEP
3072:JmwW8o0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWVVW:wFT4QxL7B9W0c1RCzR/fSmlu4
Malware Config
Targets
-
-
Target
7e45cffae2ee79e217b237857767063deaf0e667520beb2f659712d82fcbf069
-
Size
204KB
-
MD5
4216cc72d3c7854dba686050a331a649
-
SHA1
fc6d7e574d946a7af84f506a43d2990c01df3ea3
-
SHA256
7e45cffae2ee79e217b237857767063deaf0e667520beb2f659712d82fcbf069
-
SHA512
d0e8cb0d8298fb1ddf5b9d4f1c54948d89696d0476947b4a7da29c5361fc582e9bfa773f5c191ed4affcc4f479ecb430778fd75d6c4f085ea6796fdc28b17e03
-
SSDEEP
3072:JmwW8o0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWVVW:wFT4QxL7B9W0c1RCzR/fSmlu4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-