General
-
Target
384281f9e6f00519764f000306955110N.exe
-
Size
135KB
-
Sample
240905-d191dascjp
-
MD5
384281f9e6f00519764f000306955110
-
SHA1
ed5e58e506b91e3b6366e52235a3471b9fe426a8
-
SHA256
b19851418a8a18ea3901a25873bbdb68f1618f49ec096297f0a49b32c85ce04d
-
SHA512
ead35735c048ff767611ef34ed1104df3fc6874c671e670f684ed10a88479de28a911adc02e1a64eeb92d066a62337c79f1aab2345787c87ff3ff0b997c5bcc3
-
SSDEEP
1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SO8S:YfU/WF6QMauSuiWNi9eNOl0007NZIOb
Malware Config
Targets
-
-
Target
384281f9e6f00519764f000306955110N.exe
-
Size
135KB
-
MD5
384281f9e6f00519764f000306955110
-
SHA1
ed5e58e506b91e3b6366e52235a3471b9fe426a8
-
SHA256
b19851418a8a18ea3901a25873bbdb68f1618f49ec096297f0a49b32c85ce04d
-
SHA512
ead35735c048ff767611ef34ed1104df3fc6874c671e670f684ed10a88479de28a911adc02e1a64eeb92d066a62337c79f1aab2345787c87ff3ff0b997c5bcc3
-
SSDEEP
1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SO8S:YfU/WF6QMauSuiWNi9eNOl0007NZIOb
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-