General
-
Target
43b0d1d0ece6909742707db8815c28e2fb806f035dd090e4be6a71a67409d6ae
-
Size
35KB
-
Sample
240522-zv116sgf58
-
MD5
d8a09c9929c6c9463cbdc538a1cc9437
-
SHA1
000b199edfaf59523da2b9f71682d52b39b04ef3
-
SHA256
43b0d1d0ece6909742707db8815c28e2fb806f035dd090e4be6a71a67409d6ae
-
SHA512
da4c29a53d4430ac3834d5bbcc295ce9cd98b913cd43a9297f6f29cabf8a4a30fe78d70f41b1dff73fb135585dc92889008303315aa2ba62b72d6b0f3080ae72
-
SSDEEP
768:M3EVdV0YXY/nckNsWheCNSdd57Do5utsp1TOIIIwjk/:lVdm5/nprh3Ny57guSTOj+
Malware Config
Targets
-
-
Target
43b0d1d0ece6909742707db8815c28e2fb806f035dd090e4be6a71a67409d6ae
-
Size
35KB
-
MD5
d8a09c9929c6c9463cbdc538a1cc9437
-
SHA1
000b199edfaf59523da2b9f71682d52b39b04ef3
-
SHA256
43b0d1d0ece6909742707db8815c28e2fb806f035dd090e4be6a71a67409d6ae
-
SHA512
da4c29a53d4430ac3834d5bbcc295ce9cd98b913cd43a9297f6f29cabf8a4a30fe78d70f41b1dff73fb135585dc92889008303315aa2ba62b72d6b0f3080ae72
-
SSDEEP
768:M3EVdV0YXY/nckNsWheCNSdd57Do5utsp1TOIIIwjk/:lVdm5/nprh3Ny57guSTOj+
Score9/10-
Detects Windows executables referencing non-Windows User-Agents
-
UPX dump on OEP (original entry point)
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-