General
-
Target
2ad66e864db3775b7b10f8309d2cc25663aade475bed44af56a747ce1ae37b42
-
Size
188KB
-
Sample
240421-yqw1zsaf85
-
MD5
5fb12b6d7121b9ec088cddf0f8be695b
-
SHA1
673f0a140a0f34af077ecaeb55b8a18cad4e8b71
-
SHA256
2ad66e864db3775b7b10f8309d2cc25663aade475bed44af56a747ce1ae37b42
-
SHA512
05628da1d8c01e67e4f6aedbafe5575cd1fe39adfa1eac7b7efd8e9dd46533670098ba34ae609887984842173cc586fa327e34a07f7f2d0da0767b814d10a556
-
SSDEEP
3072:K7fyQ+65ROnFX5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1WdfW6:K76Q+1CKs0tzXRdjbk9bbyvprwwpW
Malware Config
Targets
-
-
Target
2ad66e864db3775b7b10f8309d2cc25663aade475bed44af56a747ce1ae37b42
-
Size
188KB
-
MD5
5fb12b6d7121b9ec088cddf0f8be695b
-
SHA1
673f0a140a0f34af077ecaeb55b8a18cad4e8b71
-
SHA256
2ad66e864db3775b7b10f8309d2cc25663aade475bed44af56a747ce1ae37b42
-
SHA512
05628da1d8c01e67e4f6aedbafe5575cd1fe39adfa1eac7b7efd8e9dd46533670098ba34ae609887984842173cc586fa327e34a07f7f2d0da0767b814d10a556
-
SSDEEP
3072:K7fyQ+65ROnFX5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1WdfW6:K76Q+1CKs0tzXRdjbk9bbyvprwwpW
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-