General
-
Target
db768431a474259ec934cc16175f8084d7c4859dee78c65bf311b65bef3b28da
-
Size
156KB
-
Sample
240418-dvd1raah2t
-
MD5
20edda78b2e4b34c7697abd1565c4f94
-
SHA1
2aa9869a57e5ebf30f0d172ea9e74d655b0af41a
-
SHA256
db768431a474259ec934cc16175f8084d7c4859dee78c65bf311b65bef3b28da
-
SHA512
137ce497e2b9a5dd9e930b91046fababead2d810c282ab512d63a06a2ce7630947c625f325dcc550556f6a0e1c02bfed85d08c7a8899b89c8f193279f9524a93
-
SSDEEP
3072:Drdsw3YSz8KvAmRPveYlUq/kzPi0gEr+YsBYPAZ1KHiLwcIaZ1M4oQZiE9i:jIS2EGaUq8iHEXsCJR8ZCWH
Malware Config
Targets
-
-
Target
db768431a474259ec934cc16175f8084d7c4859dee78c65bf311b65bef3b28da
-
Size
156KB
-
MD5
20edda78b2e4b34c7697abd1565c4f94
-
SHA1
2aa9869a57e5ebf30f0d172ea9e74d655b0af41a
-
SHA256
db768431a474259ec934cc16175f8084d7c4859dee78c65bf311b65bef3b28da
-
SHA512
137ce497e2b9a5dd9e930b91046fababead2d810c282ab512d63a06a2ce7630947c625f325dcc550556f6a0e1c02bfed85d08c7a8899b89c8f193279f9524a93
-
SSDEEP
3072:Drdsw3YSz8KvAmRPveYlUq/kzPi0gEr+YsBYPAZ1KHiLwcIaZ1M4oQZiE9i:jIS2EGaUq8iHEXsCJR8ZCWH
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-