General
-
Target
f65b25f3aafc048b68ede890b83367d8b67dd024d5463244a8d341abef7c0cb8.exe
-
Size
10.5MB
-
Sample
241120-eeeg1szekg
-
MD5
45c679d5074f022c80fa610f7f7e22af
-
SHA1
5f4d48fc9e058c1b38daa538a98bc75d43f60f03
-
SHA256
f65b25f3aafc048b68ede890b83367d8b67dd024d5463244a8d341abef7c0cb8
-
SHA512
857d1f3a8406de0f0b65178b6608cf5f00dc4ea4191c2af36504a1350ce6e7022a5c2dc5da7615c2915d3a6f70172d370e6d1d62a571eaadc7b84ffea137c0b6
-
SSDEEP
196608:Z/n+n5bgRy4Zwvq2a8aRTIbWvFBCFvqnVNtKIr2oystKpH4E1Y5QJ1RvF6YVZofP:Z/n+5bgRy4ZreaKbqBCqw62oe54ESw14
Malware Config
Targets
-
-
Target
f65b25f3aafc048b68ede890b83367d8b67dd024d5463244a8d341abef7c0cb8.exe
-
Size
10.5MB
-
MD5
45c679d5074f022c80fa610f7f7e22af
-
SHA1
5f4d48fc9e058c1b38daa538a98bc75d43f60f03
-
SHA256
f65b25f3aafc048b68ede890b83367d8b67dd024d5463244a8d341abef7c0cb8
-
SHA512
857d1f3a8406de0f0b65178b6608cf5f00dc4ea4191c2af36504a1350ce6e7022a5c2dc5da7615c2915d3a6f70172d370e6d1d62a571eaadc7b84ffea137c0b6
-
SSDEEP
196608:Z/n+n5bgRy4Zwvq2a8aRTIbWvFBCFvqnVNtKIr2oystKpH4E1Y5QJ1RvF6YVZofP:Z/n+5bgRy4ZreaKbqBCqw62oe54ESw14
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-