General
-
Target
cf073ce298f36cdf0c8af096731a7cdb982c069266ae09452659e7a49a8a6560
-
Size
52KB
-
Sample
240425-d3pr8aee47
-
MD5
229956c0ed1791f28201eb0d2c79f8a0
-
SHA1
ff190a257e2ae027d526e599a811655b1f60fe24
-
SHA256
cf073ce298f36cdf0c8af096731a7cdb982c069266ae09452659e7a49a8a6560
-
SHA512
2678a766dc05aba96affb600245a11a0fa0b8c5fc6ddd8a7ab49dbdf03d0b881bf2dbc8db409e74e4904ea28dce29d838ecce4064eb8991c701b58eade0c971e
-
SSDEEP
768:Lnj87QC4dMdtOSTtLD9ilba1xVZHNWnnnl000e999fUeeeeAXXXcnGGGGX:bjgRnC+1zZHNWnnnJXXXcnGGGGX
Malware Config
Targets
-
-
Target
cf073ce298f36cdf0c8af096731a7cdb982c069266ae09452659e7a49a8a6560
-
Size
52KB
-
MD5
229956c0ed1791f28201eb0d2c79f8a0
-
SHA1
ff190a257e2ae027d526e599a811655b1f60fe24
-
SHA256
cf073ce298f36cdf0c8af096731a7cdb982c069266ae09452659e7a49a8a6560
-
SHA512
2678a766dc05aba96affb600245a11a0fa0b8c5fc6ddd8a7ab49dbdf03d0b881bf2dbc8db409e74e4904ea28dce29d838ecce4064eb8991c701b58eade0c971e
-
SSDEEP
768:Lnj87QC4dMdtOSTtLD9ilba1xVZHNWnnnl000e999fUeeeeAXXXcnGGGGX:bjgRnC+1zZHNWnnnJXXXcnGGGGX
Score9/10-
Detects Windows executables referencing non-Windows User-Agents
-
UPX dump on OEP (original entry point)
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-