General
-
Target
a785217a9ed8b46b82f203788b9f4309cd07d4375274c7ecce4a306367f71dff
-
Size
5.7MB
-
Sample
240531-bxzn5aab3w
-
MD5
499b681e0d100aa7f93837304ed71689
-
SHA1
c8ac53450658a271fd2e8afd93199f0d8f6b34e9
-
SHA256
a785217a9ed8b46b82f203788b9f4309cd07d4375274c7ecce4a306367f71dff
-
SHA512
79f8b4e3d7a88c33daa81c1b5cebf6e9703f1723eec1b331b747d6d21633ba9dc93cd709905442ab6c479d84b1d7b838a324c474984aed147a95f41a7f64be91
-
SSDEEP
98304:g2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDp:g2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc3
Malware Config
Targets
-
-
Target
a785217a9ed8b46b82f203788b9f4309cd07d4375274c7ecce4a306367f71dff
-
Size
5.7MB
-
MD5
499b681e0d100aa7f93837304ed71689
-
SHA1
c8ac53450658a271fd2e8afd93199f0d8f6b34e9
-
SHA256
a785217a9ed8b46b82f203788b9f4309cd07d4375274c7ecce4a306367f71dff
-
SHA512
79f8b4e3d7a88c33daa81c1b5cebf6e9703f1723eec1b331b747d6d21633ba9dc93cd709905442ab6c479d84b1d7b838a324c474984aed147a95f41a7f64be91
-
SSDEEP
98304:g2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDp:g2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc3
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-