General
-
Target
cd72ecb25b8564a7bd68257c0aecc0c7
-
Size
17KB
-
Sample
240316-h34zcsed6v
-
MD5
cd72ecb25b8564a7bd68257c0aecc0c7
-
SHA1
2ca20b26f4b407ba638398ef6b1fef5246d0dc5b
-
SHA256
4f35f086693edf68921bc7e96337a243010fc0b415f0706d1733d9909718b7f1
-
SHA512
1fad43b5a24442ab9afccc5db4a3604d1b26b759d376b9b46030602433bffc280436858cb315ac72aa480a807390b181b81a7629fc9f87ae3dfd06a05e098fc8
-
SSDEEP
384:FvFcH2x8fwcmZO2Zp+Nye8pqrmub8TyztsDN:FvGffwoKK8o8TyJc
Malware Config
Targets
-
-
Target
cd72ecb25b8564a7bd68257c0aecc0c7
-
Size
17KB
-
MD5
cd72ecb25b8564a7bd68257c0aecc0c7
-
SHA1
2ca20b26f4b407ba638398ef6b1fef5246d0dc5b
-
SHA256
4f35f086693edf68921bc7e96337a243010fc0b415f0706d1733d9909718b7f1
-
SHA512
1fad43b5a24442ab9afccc5db4a3604d1b26b759d376b9b46030602433bffc280436858cb315ac72aa480a807390b181b81a7629fc9f87ae3dfd06a05e098fc8
-
SSDEEP
384:FvFcH2x8fwcmZO2Zp+Nye8pqrmub8TyztsDN:FvGffwoKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-