General
-
Target
c5ba11a244443556d056b41d55c0612cc15febcc9d6e3f6cf9abcc0cc1692af3
-
Size
530KB
-
Sample
240520-c29wbsff94
-
MD5
582a5a82c1c9aeb9d4adf5e7db16d1a5
-
SHA1
0891a6999fd3ccba159ef981a454fd97640172c4
-
SHA256
c5ba11a244443556d056b41d55c0612cc15febcc9d6e3f6cf9abcc0cc1692af3
-
SHA512
1d47160eb356a59581d11e8f66ba50dd3daa05300e54b53262187f45868ca465734b239ecf6a8aa3a2b58ad7ccd7448d3bef51069ce8a484914bd47c80433a84
-
SSDEEP
3072:XCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAb:XqDAwl0xPTMiR9JSSxPUKuqododHYT
Malware Config
Targets
-
-
Target
c5ba11a244443556d056b41d55c0612cc15febcc9d6e3f6cf9abcc0cc1692af3
-
Size
530KB
-
MD5
582a5a82c1c9aeb9d4adf5e7db16d1a5
-
SHA1
0891a6999fd3ccba159ef981a454fd97640172c4
-
SHA256
c5ba11a244443556d056b41d55c0612cc15febcc9d6e3f6cf9abcc0cc1692af3
-
SHA512
1d47160eb356a59581d11e8f66ba50dd3daa05300e54b53262187f45868ca465734b239ecf6a8aa3a2b58ad7ccd7448d3bef51069ce8a484914bd47c80433a84
-
SSDEEP
3072:XCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAb:XqDAwl0xPTMiR9JSSxPUKuqododHYT
Score9/10-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-