General
Target: abb75d8cf0b557c95d295ebedcc3861cd966bb6bc53deba1d66ed6c3ec7abcde.exe
Size: 3.4MB
Sample: 241015-cerfgaybkb
MD5: 3bfa5607ba2fdb912bf3c1b06950be30
SHA1: 09f81b7d75c7c337e8e25303e70f942f52a346c3
SHA256: abb75d8cf0b557c95d295ebedcc3861cd966bb6bc53deba1d66ed6c3ec7abcde
SHA512: bd26ccd01ad728fabd51d88359afbb6f60d3a80085c75e6dc4071db006dbe0e2b44a8c55e0f85037b6d7b7646912a40f12ca59d939ce3b8421ea179d1f945940
SSDEEP: 49152:IBJNXBzeEo1tFlwksnSGat746RzF50obO+bbxI2OXI33kM5dlWnBL3rLTfwILm:ynXBaEuDBaat7rJX0KVbxIVXvMLInx0D

Static task: static1
Behavioral task: behavioral1
Sample: abb75d8cf0b557c95d295ebedcc3861cd966bb6bc53deba1d66ed6c3ec7abcde.exe
Resource: win7-20241010-en
Malware Config
Targets
-
-
Target
abb75d8cf0b557c95d295ebedcc3861cd966bb6bc53deba1d66ed6c3ec7abcde.exe
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-