General
-
Target
5a565059b3baa1f1899fc8db75c9587037986a57519167efd12be300cf78a75dN.exe
-
Size
163KB
-
Sample
240925-czs5sssgmg
-
MD5
be90776baaf6d6401c218ad073160380
-
SHA1
acb391d8cc5c21afc977eb306ddda91580d46695
-
SHA256
5a565059b3baa1f1899fc8db75c9587037986a57519167efd12be300cf78a75d
-
SHA512
6897ddfc018968620c7775328272d0f7717958c606788c57318198063729ee461a86dfaa790a8f0ddde6c36ba8a6f3bab180e406ff56badbfbaad3261e0da322
-
SSDEEP
3072:zm8QyMWSVCqwT1h+popOOfaPOx5P+m/pNdhZ1QYUdq:NqwJh+6pAkGm/pH1gdq
Malware Config
Targets
-
-
Target
5a565059b3baa1f1899fc8db75c9587037986a57519167efd12be300cf78a75dN.exe
-
Size
163KB
-
MD5
be90776baaf6d6401c218ad073160380
-
SHA1
acb391d8cc5c21afc977eb306ddda91580d46695
-
SHA256
5a565059b3baa1f1899fc8db75c9587037986a57519167efd12be300cf78a75d
-
SHA512
6897ddfc018968620c7775328272d0f7717958c606788c57318198063729ee461a86dfaa790a8f0ddde6c36ba8a6f3bab180e406ff56badbfbaad3261e0da322
-
SSDEEP
3072:zm8QyMWSVCqwT1h+popOOfaPOx5P+m/pNdhZ1QYUdq:NqwJh+6pAkGm/pH1gdq
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-