General
-
Target
08d1cf3f790eec1acac50661d0f5c0cab4b60d6c8195385416ffc7f9c0d77f05
-
Size
132KB
-
Sample
240418-w71dmacf9x
-
MD5
8271483b435b192075acc08251b0eb3c
-
SHA1
5c1d4300120c570eb4b280b1ee4432d2d090d840
-
SHA256
08d1cf3f790eec1acac50661d0f5c0cab4b60d6c8195385416ffc7f9c0d77f05
-
SHA512
a3a52af01380f196e3d73436aae1d8ebf25800f1b91ed06c5d53fa98921d0d2a6fbb31c34d41255f97ad48fbbcf4ba8d5f93010176fc352360f51730c4976bed
-
SSDEEP
3072:+L3cU0qEBNBGh3Gi85CJIldRonVI0mgn0W4zubD:+wU0qEBzGhWiiCDVI0mgnzk
Malware Config
Targets
-
-
Target
08d1cf3f790eec1acac50661d0f5c0cab4b60d6c8195385416ffc7f9c0d77f05
-
Size
132KB
-
MD5
8271483b435b192075acc08251b0eb3c
-
SHA1
5c1d4300120c570eb4b280b1ee4432d2d090d840
-
SHA256
08d1cf3f790eec1acac50661d0f5c0cab4b60d6c8195385416ffc7f9c0d77f05
-
SHA512
a3a52af01380f196e3d73436aae1d8ebf25800f1b91ed06c5d53fa98921d0d2a6fbb31c34d41255f97ad48fbbcf4ba8d5f93010176fc352360f51730c4976bed
-
SSDEEP
3072:+L3cU0qEBNBGh3Gi85CJIldRonVI0mgn0W4zubD:+wU0qEBzGhWiiCDVI0mgnzk
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-