General
-
Target
c5c2adc772d9d886de7207b7b3ea130f81a769764312924845aa0ea0de5cf138
-
Size
476KB
-
Sample
240524-djccsaag9w
-
MD5
9075c89769ea746773b3ae9db06d47d9
-
SHA1
3d0d989a44e89f44071487a179762cac54708b88
-
SHA256
c5c2adc772d9d886de7207b7b3ea130f81a769764312924845aa0ea0de5cf138
-
SHA512
2db55d4b971bbc6180e5ca9ce2ffa2f88fb7aeba3c3cdd1973b4072b562e15e8e53417633b7dab7abd7cac3c0a2a3e140ea502c51a899f2be82c913601e0a4cd
-
SSDEEP
3072:Jin8r+coP2W0XgEU5IuY2R8FD8edLhb9x4CuSqhAp08FkGRnNrdf45AjqKnoem:23P0KPsvKhAp081nNVjqKoe
Malware Config
Targets
-
-
Target
c5c2adc772d9d886de7207b7b3ea130f81a769764312924845aa0ea0de5cf138
-
Size
476KB
-
MD5
9075c89769ea746773b3ae9db06d47d9
-
SHA1
3d0d989a44e89f44071487a179762cac54708b88
-
SHA256
c5c2adc772d9d886de7207b7b3ea130f81a769764312924845aa0ea0de5cf138
-
SHA512
2db55d4b971bbc6180e5ca9ce2ffa2f88fb7aeba3c3cdd1973b4072b562e15e8e53417633b7dab7abd7cac3c0a2a3e140ea502c51a899f2be82c913601e0a4cd
-
SSDEEP
3072:Jin8r+coP2W0XgEU5IuY2R8FD8edLhb9x4CuSqhAp08FkGRnNrdf45AjqKnoem:23P0KPsvKhAp081nNVjqKoe
Score9/10-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-