General
-
Target
dfba28e55463603a3824c873e839a2de
-
Size
123KB
-
Sample
240326-v6d9bsaf7z
-
MD5
dfba28e55463603a3824c873e839a2de
-
SHA1
46d497f450eed028498f0904e1f396b90c32821a
-
SHA256
4a1b1f5cceb69530de0a5b600b22cb16ce0a3ae8feacf41aea5494035c83da3d
-
SHA512
f4f87a5c7a98c2ab5d2320cca35f3251c4980eb0c435f9d4153b959a934641bb725cb76d9828fc8d5e3e6900a2708f00dbb0f456fdad3d1800331409908698ff
-
SSDEEP
3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLm1nzj:OVYrJrOSsRwcpg5f
Malware Config
Targets
-
-
Target
dfba28e55463603a3824c873e839a2de
-
Size
123KB
-
MD5
dfba28e55463603a3824c873e839a2de
-
SHA1
46d497f450eed028498f0904e1f396b90c32821a
-
SHA256
4a1b1f5cceb69530de0a5b600b22cb16ce0a3ae8feacf41aea5494035c83da3d
-
SHA512
f4f87a5c7a98c2ab5d2320cca35f3251c4980eb0c435f9d4153b959a934641bb725cb76d9828fc8d5e3e6900a2708f00dbb0f456fdad3d1800331409908698ff
-
SSDEEP
3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLm1nzj:OVYrJrOSsRwcpg5f
Score8/10-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-