General
-
Target
ffdece8cf4dc25a2087b123c3d57744738a87c873ff38b7a5207029b2e76fcad
-
Size
143KB
-
Sample
240628-fqccgavfqr
-
MD5
44376c87b1baaa34bc75aac5c42a64ea
-
SHA1
0c4923dd36cbecbd1cf8e7fc0be3ab041e42934c
-
SHA256
ffdece8cf4dc25a2087b123c3d57744738a87c873ff38b7a5207029b2e76fcad
-
SHA512
4393404d8d8b6fedc1f73b57cce18407e07c75246334676e178ad9e693ee66631008cb491cadd8de8b9b9c5bfb743f7f6d7ecee55abe16d2a6057f0ae87a4161
-
SSDEEP
3072:+1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgO5/1i/NU82OMYcYYamv5b:Ii/NjO5YBgegD0PHzSwi/N+O7
Behavioral task
behavioral1
Sample
ffdece8cf4dc25a2087b123c3d57744738a87c873ff38b7a5207029b2e76fcad.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffdece8cf4dc25a2087b123c3d57744738a87c873ff38b7a5207029b2e76fcad.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Score
9/10
-
UPX dump on OEP (original entry point)
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
Hide Artifacts: Hidden Files and Directories
-