General
-
Target
b4fd39b6b00d72034fe303bffa58d8bfd1e6c4631ae9ee9cb7a011cdb3dc6538
-
Size
65KB
-
Sample
240501-ctwnqsfg82
-
MD5
467ec21e6e8272654dfc49b608f79929
-
SHA1
cbc0de01c56bd61dec046e1e488adc4913543281
-
SHA256
b4fd39b6b00d72034fe303bffa58d8bfd1e6c4631ae9ee9cb7a011cdb3dc6538
-
SHA512
a707851550c64f702fc7ac9d83b7c6b8f3b260d7a65c740a870582efe23ec3c16dfae1e3a280c17d2f1cbd2654c99b3ffcac2639ad2f05fbd32516fa1d7451d1
-
SSDEEP
768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX67:Zr3Z5IfQIR81ad5yX67
Malware Config
Targets
-
-
Target
b4fd39b6b00d72034fe303bffa58d8bfd1e6c4631ae9ee9cb7a011cdb3dc6538
-
Size
65KB
-
MD5
467ec21e6e8272654dfc49b608f79929
-
SHA1
cbc0de01c56bd61dec046e1e488adc4913543281
-
SHA256
b4fd39b6b00d72034fe303bffa58d8bfd1e6c4631ae9ee9cb7a011cdb3dc6538
-
SHA512
a707851550c64f702fc7ac9d83b7c6b8f3b260d7a65c740a870582efe23ec3c16dfae1e3a280c17d2f1cbd2654c99b3ffcac2639ad2f05fbd32516fa1d7451d1
-
SSDEEP
768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX67:Zr3Z5IfQIR81ad5yX67
Score9/10-
Detects Windows executables referencing non-Windows User-Agents
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-