General
-
Target
7aee28227690ff9dcafdcf2461749d472e06c72fa55304dec655b1bb0a170ff6
-
Size
35KB
-
Sample
240522-3ftv4adb63
-
MD5
dc35da9cea24ed64ab407e2e7df57ccf
-
SHA1
0b862b8f198cd974dd5068132cbc0204c102a645
-
SHA256
7aee28227690ff9dcafdcf2461749d472e06c72fa55304dec655b1bb0a170ff6
-
SHA512
58cbf0acec3fb6f2fc9e9dba8287bc306cc002a0910fe8c3cb031a0589aaaacb2e43607bf757e54d265bc8e089c0c4a727c9c2eeccffafe5837917496516c165
-
SSDEEP
768:M3EVdV0YXY/nckNsWheCNSdd57Do5utsp1TOIIIwjkWVVVO:lVdm5/nprh3Ny57guSTOjfVVVO
Malware Config
Targets
-
-
Target
7aee28227690ff9dcafdcf2461749d472e06c72fa55304dec655b1bb0a170ff6
-
Size
35KB
-
MD5
dc35da9cea24ed64ab407e2e7df57ccf
-
SHA1
0b862b8f198cd974dd5068132cbc0204c102a645
-
SHA256
7aee28227690ff9dcafdcf2461749d472e06c72fa55304dec655b1bb0a170ff6
-
SHA512
58cbf0acec3fb6f2fc9e9dba8287bc306cc002a0910fe8c3cb031a0589aaaacb2e43607bf757e54d265bc8e089c0c4a727c9c2eeccffafe5837917496516c165
-
SSDEEP
768:M3EVdV0YXY/nckNsWheCNSdd57Do5utsp1TOIIIwjkWVVVO:lVdm5/nprh3Ny57guSTOjfVVVO
Score9/10-
Detects Windows executables referencing non-Windows User-Agents
-
UPX dump on OEP (original entry point)
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-