General
-
Target
fdfda7026d95c4fe081ec2f36fedac5b797957330a96b314717346b174c30204
-
Size
160KB
-
Sample
240425-galrmsgb53
-
MD5
8df411cd55947786094224d190978f36
-
SHA1
92b0e6c1e31aca7599d3597189f7914961a16a47
-
SHA256
fdfda7026d95c4fe081ec2f36fedac5b797957330a96b314717346b174c30204
-
SHA512
16d3ad2aa3aaf5d3f95f5925daf455cdfdbf2d11b1ddea486bcc1909238aabb64a96434067aa55d26fd3a1f51999455cc429f559d67509c0b6f9e7f258652a50
-
SSDEEP
3072:IGzsrB2oe5g+GwJs8K9YUoIrJaRuSZ/JlQPj/PYv2wM0B2vmkHgHAGFAhD4oQZi0:IGwr3P9YErMRuSZ/JlQLHYv2PvzGAMAq
Malware Config
Targets
-
-
Target
fdfda7026d95c4fe081ec2f36fedac5b797957330a96b314717346b174c30204
-
Size
160KB
-
MD5
8df411cd55947786094224d190978f36
-
SHA1
92b0e6c1e31aca7599d3597189f7914961a16a47
-
SHA256
fdfda7026d95c4fe081ec2f36fedac5b797957330a96b314717346b174c30204
-
SHA512
16d3ad2aa3aaf5d3f95f5925daf455cdfdbf2d11b1ddea486bcc1909238aabb64a96434067aa55d26fd3a1f51999455cc429f559d67509c0b6f9e7f258652a50
-
SSDEEP
3072:IGzsrB2oe5g+GwJs8K9YUoIrJaRuSZ/JlQPj/PYv2wM0B2vmkHgHAGFAhD4oQZi0:IGwr3P9YErMRuSZ/JlQLHYv2PvzGAMAq
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-