General
-
Target
1af8dee4b7d8c34a6da06b9f014773789e443ffa5c6deebeaa7a667acae0dc48
-
Size
47KB
-
Sample
240326-wh41hsgb82
-
MD5
a7b406c02fcc09ebb6885ab4cba8699f
-
SHA1
eea25a4900f4637f464e39ea04452f39745245ad
-
SHA256
1af8dee4b7d8c34a6da06b9f014773789e443ffa5c6deebeaa7a667acae0dc48
-
SHA512
ed7115c15d88602a86122fc6add772a47c5a06ee695a08a638dc0874ff8f708b73739f4309b373bc133f39f3ff82aeb6f4e5e0434a617d20515af83c951576df
-
SSDEEP
768:xLzrPIsVU080KYmz/IfhX5GaeimBYsHotogR8ARwre7zgVqMNWcRFD7DMeLe:lvU080dGSh4Fb08ATzgV5WxX
Malware Config
Targets
-
-
Target
1af8dee4b7d8c34a6da06b9f014773789e443ffa5c6deebeaa7a667acae0dc48
-
Size
47KB
-
MD5
a7b406c02fcc09ebb6885ab4cba8699f
-
SHA1
eea25a4900f4637f464e39ea04452f39745245ad
-
SHA256
1af8dee4b7d8c34a6da06b9f014773789e443ffa5c6deebeaa7a667acae0dc48
-
SHA512
ed7115c15d88602a86122fc6add772a47c5a06ee695a08a638dc0874ff8f708b73739f4309b373bc133f39f3ff82aeb6f4e5e0434a617d20515af83c951576df
-
SSDEEP
768:xLzrPIsVU080KYmz/IfhX5GaeimBYsHotogR8ARwre7zgVqMNWcRFD7DMeLe:lvU080dGSh4Fb08ATzgV5WxX
Score9/10-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-