General
-
Target
012e60b44219e9aa3c477f29490346ecc592acc69fbe91aaa172c8206d9e1c15
-
Size
7.4MB
-
Sample
241203-t2jgtaypcr
-
MD5
8d59ea7c3e75a7efe77835e6b2805523
-
SHA1
920507c802716d4fe9e42f3a524b7d79de74f890
-
SHA256
012e60b44219e9aa3c477f29490346ecc592acc69fbe91aaa172c8206d9e1c15
-
SHA512
bb3b46e86a96ca6ef785468045aa4449029eac221a65a583c39a6374e6bb2816cf547863bd99dc9923d8c310be2908ea2c704d1583f4ba375cddeadabbfceeff
-
SSDEEP
196608:5WX+phJYDNAHmXiqKmqQeyLKpRdcVtXEXnV:5XjqDNAGXiTmrMpwVVCV
Static task
static1
Behavioral task
behavioral1
Sample
012e60b44219e9aa3c477f29490346ecc592acc69fbe91aaa172c8206d9e1c15.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
012e60b44219e9aa3c477f29490346ecc592acc69fbe91aaa172c8206d9e1c15.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
012e60b44219e9aa3c477f29490346ecc592acc69fbe91aaa172c8206d9e1c15
-
Creates new service(s)
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-