General
-
Target
04fa4d57e08a7235b39b07e3e17dc31a3fe41991c7487158a79aee97d73a07f7N
-
Size
124KB
-
Sample
240930-acyqna1emh
-
MD5
f9c6dfd4369b233f8a394783a8794190
-
SHA1
d880ed487c4dde7dd8a5b7725da4618878a36b1c
-
SHA256
04fa4d57e08a7235b39b07e3e17dc31a3fe41991c7487158a79aee97d73a07f7
-
SHA512
3acb806f455ff47580731e441f709e2a9475706dc6b8f2693912eea2f39de08168bc4630b2bfa9e939994f9b3410475d6e41da515c19dbfc266c0c54c68dec52
-
SSDEEP
3072:q1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgOts5YmMOMYcYY51i/NU8:Ui/NjO5YBgegD0PHzSW3Oai/N
Static task
static1
Behavioral task
behavioral1
Sample
04fa4d57e08a7235b39b07e3e17dc31a3fe41991c7487158a79aee97d73a07f7N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
04fa4d57e08a7235b39b07e3e17dc31a3fe41991c7487158a79aee97d73a07f7N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
04fa4d57e08a7235b39b07e3e17dc31a3fe41991c7487158a79aee97d73a07f7N
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
Hide Artifacts: Hidden Files and Directories
-