General
-
Target
faa07de0cff3dcc6655b76d879b2585c6908f72d77b03bed64d0dcb5297e2ece.lnk
-
Size
2KB
-
Sample
241120-eeykwszngt
-
MD5
c0b33dfd76112f507b96128a124a2381
-
SHA1
3295c8f46cd7461db034bb9e29193461f40f63af
-
SHA256
faa07de0cff3dcc6655b76d879b2585c6908f72d77b03bed64d0dcb5297e2ece
-
SHA512
a3533c43aa218623ff6cafe44ed32105acbf51804d4bdf3aaf63b56ef0f5b5028dda7cc453428eacfd70e4217c21107e7ce7411b1db15fc8205a6c0ef02b9eab
Malware Config
Targets
-
-
Target
faa07de0cff3dcc6655b76d879b2585c6908f72d77b03bed64d0dcb5297e2ece.lnk
-
Size
2KB
-
MD5
c0b33dfd76112f507b96128a124a2381
-
SHA1
3295c8f46cd7461db034bb9e29193461f40f63af
-
SHA256
faa07de0cff3dcc6655b76d879b2585c6908f72d77b03bed64d0dcb5297e2ece
-
SHA512
a3533c43aa218623ff6cafe44ed32105acbf51804d4bdf3aaf63b56ef0f5b5028dda7cc453428eacfd70e4217c21107e7ce7411b1db15fc8205a6c0ef02b9eab
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-