General
-
Target
e1fad3a571416be050ca48f0b9adf8fa
-
Size
17KB
-
Sample
240327-snp7rseg96
-
MD5
e1fad3a571416be050ca48f0b9adf8fa
-
SHA1
09accf465ad7d700481f93e19d0aeda1301ebbe6
-
SHA256
dd379af285c02e968bdf05bf66d66943bd60901061596c812dab86fb4da1ea8f
-
SHA512
6ed3bc904950657492c655d9c9f965d2cce55ec5a1339ef37545fa5475f9edd5a1293fd2a4c07129491ded4446a5cf8c95d51f1b59d434a21a1f06debe49768f
-
SSDEEP
384:oFrFr4/0cmZO2Zp+Nye8pqrmub8TyztsDN:o1W/0oKK8o8TyJc
Malware Config
Targets
-
-
Target
e1fad3a571416be050ca48f0b9adf8fa
-
Size
17KB
-
MD5
e1fad3a571416be050ca48f0b9adf8fa
-
SHA1
09accf465ad7d700481f93e19d0aeda1301ebbe6
-
SHA256
dd379af285c02e968bdf05bf66d66943bd60901061596c812dab86fb4da1ea8f
-
SHA512
6ed3bc904950657492c655d9c9f965d2cce55ec5a1339ef37545fa5475f9edd5a1293fd2a4c07129491ded4446a5cf8c95d51f1b59d434a21a1f06debe49768f
-
SSDEEP
384:oFrFr4/0cmZO2Zp+Nye8pqrmub8TyztsDN:o1W/0oKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-