General
-
Target
4a775d2c73d597396f986f7a401656c567c4bdc3e0f62092eed096f2610e4489
-
Size
5.7MB
-
Sample
240528-zzw8sacd6w
-
MD5
0ebb3df302c7d9eb200ce3a7be4dacf5
-
SHA1
e8d67af24adf623ffdaf5c85fc3bdbafdd02ee62
-
SHA256
4a775d2c73d597396f986f7a401656c567c4bdc3e0f62092eed096f2610e4489
-
SHA512
49913ba1440ab34a8ab2caa1d828e329cff582245d222184ee5108692a62b9715a29a627eb8283f23a8c19d356020def4c03c82c6f58246acec93e90acd4fd8a
-
SSDEEP
98304:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mD32mDMmD2mDe2mDMmD2mDc2mDMmD2mDN:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mD3j
Malware Config
Targets
-
-
Target
4a775d2c73d597396f986f7a401656c567c4bdc3e0f62092eed096f2610e4489
-
Size
5.7MB
-
MD5
0ebb3df302c7d9eb200ce3a7be4dacf5
-
SHA1
e8d67af24adf623ffdaf5c85fc3bdbafdd02ee62
-
SHA256
4a775d2c73d597396f986f7a401656c567c4bdc3e0f62092eed096f2610e4489
-
SHA512
49913ba1440ab34a8ab2caa1d828e329cff582245d222184ee5108692a62b9715a29a627eb8283f23a8c19d356020def4c03c82c6f58246acec93e90acd4fd8a
-
SSDEEP
98304:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mD32mDMmD2mDe2mDMmD2mDc2mDMmD2mDN:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mD3j
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-