General
-
Target
5cffa672ebd1273bff405d41e9ffa4ac3617a15090e9ef9d71acc8169a8bf60d
-
Size
5.7MB
-
Sample
240319-zc7e8sff3s
-
MD5
e2df2f293641ebb0517370a53dd94836
-
SHA1
3724a4124ed509cd8deb5b597a99a0fcd72d346d
-
SHA256
5cffa672ebd1273bff405d41e9ffa4ac3617a15090e9ef9d71acc8169a8bf60d
-
SHA512
5cc58fb7e32d231245439e7f214c17eb403d47fee5aeff3bb6b204d839eb54bf478d6cdd36ca6fb3c238479580b0bc73c89852ad46b77080eed14b5567c9bbd0
-
SSDEEP
98304:+FDGUxZyPnHrOxYZ3JgOsQ++8ORgVygOGeEhF6EKCjwrZSarkL7:phPnHrOYmQHROTOGewLKawrZs
Malware Config
Targets
-
-
Target
5cffa672ebd1273bff405d41e9ffa4ac3617a15090e9ef9d71acc8169a8bf60d
-
Size
5.7MB
-
MD5
e2df2f293641ebb0517370a53dd94836
-
SHA1
3724a4124ed509cd8deb5b597a99a0fcd72d346d
-
SHA256
5cffa672ebd1273bff405d41e9ffa4ac3617a15090e9ef9d71acc8169a8bf60d
-
SHA512
5cc58fb7e32d231245439e7f214c17eb403d47fee5aeff3bb6b204d839eb54bf478d6cdd36ca6fb3c238479580b0bc73c89852ad46b77080eed14b5567c9bbd0
-
SSDEEP
98304:+FDGUxZyPnHrOxYZ3JgOsQ++8ORgVygOGeEhF6EKCjwrZSarkL7:phPnHrOYmQHROTOGewLKawrZs
Score9/10-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-