General
-
Target
virussign.com_a61dfe1db60b96e3c07662660c62b660.vir
-
Size
53KB
-
Sample
240528-xbc4wsfe5z
-
MD5
a61dfe1db60b96e3c07662660c62b660
-
SHA1
fd11f161a76441f0ef1de959d8c6200ea7bd52f8
-
SHA256
44ca97d686fc263590ed1d27ecfe0685997778339c5b55330e03805b05debacf
-
SHA512
dfd5ecbeb852e72b36382a01a3bb8a353b1823deb11fb447c8068ae2771c323e4937f930ee21f705b92fdf9cc46aa88db96d209390131638bb343ec81edecf04
-
SSDEEP
1536:vNng8r8QHCqAGn7Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:BCqAGnJJjmLM3zRJWZsXy4JN
Malware Config
Targets
-
-
Target
virussign.com_a61dfe1db60b96e3c07662660c62b660.vir
-
Size
53KB
-
MD5
a61dfe1db60b96e3c07662660c62b660
-
SHA1
fd11f161a76441f0ef1de959d8c6200ea7bd52f8
-
SHA256
44ca97d686fc263590ed1d27ecfe0685997778339c5b55330e03805b05debacf
-
SHA512
dfd5ecbeb852e72b36382a01a3bb8a353b1823deb11fb447c8068ae2771c323e4937f930ee21f705b92fdf9cc46aa88db96d209390131638bb343ec81edecf04
-
SSDEEP
1536:vNng8r8QHCqAGn7Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:BCqAGnJJjmLM3zRJWZsXy4JN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-