General
-
Target
ef35c22cb5326adb1fe3e89d9bb91e88e9aa23c69937d1effdcac240b019fdc7
-
Size
80KB
-
Sample
240504-fdj7jsge23
-
MD5
5bd464e2d236d23bd57081eaba4a0b5e
-
SHA1
4040840f253dbd85b97fc1dc41e4cb962fa9436d
-
SHA256
ef35c22cb5326adb1fe3e89d9bb91e88e9aa23c69937d1effdcac240b019fdc7
-
SHA512
10613c60356f76123d933780e1e73bb72d7c1481696ae77885989687e0c02b976c71e8681691dfd2f248c02c457f279185bf9e1464e93397dcdd40b8d117c4e3
-
SSDEEP
1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVzx:AfMibQPj7Msq5j5cUwAZ4l
Malware Config
Targets
-
-
Target
ef35c22cb5326adb1fe3e89d9bb91e88e9aa23c69937d1effdcac240b019fdc7
-
Size
80KB
-
MD5
5bd464e2d236d23bd57081eaba4a0b5e
-
SHA1
4040840f253dbd85b97fc1dc41e4cb962fa9436d
-
SHA256
ef35c22cb5326adb1fe3e89d9bb91e88e9aa23c69937d1effdcac240b019fdc7
-
SHA512
10613c60356f76123d933780e1e73bb72d7c1481696ae77885989687e0c02b976c71e8681691dfd2f248c02c457f279185bf9e1464e93397dcdd40b8d117c4e3
-
SSDEEP
1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVzx:AfMibQPj7Msq5j5cUwAZ4l
Score9/10-
Detects executables built or packed with MPress PE compressor
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-