General

  • Target

    43a93fdd1a65d182feab9366dc1c0355bc0f9319a6a1d60c2add9f1d88026923

  • Size

    60KB

  • Sample

    220427-xqq93ahee4

  • MD5

    7c3bc933f0587455d9e521b8062a24b9

  • SHA1

    844258c19fbdb22850b1560aa09b28aacdc38e72

  • SHA256

    43a93fdd1a65d182feab9366dc1c0355bc0f9319a6a1d60c2add9f1d88026923

  • SHA512

    fd9e03fcaea29a582d2848beedd3cfeb23d9c0eeff835c08c3a65719b96593fe5ca0c726e5197d7c5362f4da5d5b0a8db4903d092330ae1ae527c5882852116b

Score
7/10

Malware Config

Targets

    • Target

      43a93fdd1a65d182feab9366dc1c0355bc0f9319a6a1d60c2add9f1d88026923

    • Size

      60KB

    • MD5

      7c3bc933f0587455d9e521b8062a24b9

    • SHA1

      844258c19fbdb22850b1560aa09b28aacdc38e72

    • SHA256

      43a93fdd1a65d182feab9366dc1c0355bc0f9319a6a1d60c2add9f1d88026923

    • SHA512

      fd9e03fcaea29a582d2848beedd3cfeb23d9c0eeff835c08c3a65719b96593fe5ca0c726e5197d7c5362f4da5d5b0a8db4903d092330ae1ae527c5882852116b

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence: the sample reads the machine's region or locale before deciding whether to run, a common way to avoid executing in the author's home country or in analysis environments left on a default locale.

    • Installs/modifies Browser Helper Object

      Browser Helper Objects (BHOs) are DLLs that Internet Explorer loads as plugins at start-up. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, so writing to that key gives the DLL code execution inside every IE process and persistence across reboots.

    • Drops file in System32 directory

      Writes a file into %SystemRoot%\System32, which by default requires administrative rights and lets the dropped file blend in with system binaries.
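The three signatures above are all visible as registry and file events in a sandbox trace. The script below is an added example, not part of this report or of the sandbox's own signature engine: it replays constructed, sandbox-style events against the three behaviours, links a registered BHO CLSID to the DLL its InprocServer32 key names (so the persistence entry can be tied to the dropped file), and tallies ATT&CK technique hits. The event format, the registry paths treated as geofence lookups, the placeholder CLSID and DLL name, and the signature-to-technique mapping are all assumptions made for the example; the report does not state how its own matrix counts were derived.

```python
"""Added triage helper: classify sandbox-style registry/file events against the
behavioural signatures in this report. Event format, key paths, CLSID, DLL name
and the technique mapping are assumptions for the example, not report data."""
import re
from collections import Counter

# Where Windows stores the user's region (GeoID) and the system locale; a
# geofence check reads one of these before deciding whether to run. (Assumed
# to be what the sandbox's "location settings" signature keys on.)
GEO_KEYS = re.compile(r"\\Control Panel\\International\\Geo\b|\\Control\\Nls\\Locale\b", re.I)
# Internet Explorer enumerates the CLSIDs under this key at start-up and loads
# each one as an in-process COM server.
BHO_KEY = re.compile(r"\\Explorer\\Browser Helper Objects\\(\{[0-9A-F-]{36}\})", re.I)
# COM registration whose (Default) value names the DLL implementing the CLSID.
INPROC_KEY = re.compile(r"\\CLSID\\(\{[0-9A-F-]{36}\})\\InprocServer32\b", re.I)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)

# Signature name -> (ATT&CK techniques assumed for this example, predicate).
RULES = {
    "Checks computer location settings": (
        ("T1012", "T1082"),
        lambda e: e["op"] == "RegQueryValue" and bool(GEO_KEYS.search(e["path"]))),
    "Installs/modifies Browser Helper Object": (
        ("T1176", "T1112"),
        lambda e: e["op"] in ("RegCreateKey", "RegSetValue") and bool(BHO_KEY.search(e["path"]))),
    "Drops file in System32 directory": (
        (),
        lambda e: e["op"] == "FileWrite" and bool(SYSTEM32.search(e["path"]))),
}


def classify(events):
    """Return ({signature: [matching events]}, Counter of technique hits)."""
    hits = {name: [] for name in RULES}
    techniques = Counter()
    for ev in events:
        for name, (tids, pred) in RULES.items():
            if pred(ev):
                hits[name].append(ev)
                techniques.update(tids)
    return {k: v for k, v in hits.items() if v}, techniques


def resolve_bho_dlls(events):
    """Map each CLSID registered as a BHO to the DLL path its InprocServer32
    value names (None if the COM registration was never seen)."""
    registered, inproc = set(), {}
    for ev in events:
        if ev["op"] not in ("RegCreateKey", "RegSetValue"):
            continue
        m = BHO_KEY.search(ev["path"])
        if m:
            registered.add(m.group(1).upper())
        m = INPROC_KEY.search(ev["path"])
        if m and ev["op"] == "RegSetValue" and ev.get("data"):
            inproc[m.group(1).upper()] = ev["data"]
    return {clsid: inproc.get(clsid) for clsid in registered}


# Constructed sample events (hypothetical; not taken from the report's run).
SAMPLE_EVENTS = [
    {"op": "RegQueryValue", "path": r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation", "data": None},
    {"op": "FileWrite", "path": r"C:\Windows\System32\exmpl.dll", "data": None},
    {"op": "RegSetValue",
     "path": r"HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32\(Default)",
     "data": r"C:\Windows\System32\exmpl.dll"},
    {"op": "RegCreateKey",
     "path": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}",
     "data": None},
    # Benign-looking noise that should not match any rule.
    {"op": "RegQueryValue", "path": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName", "data": None},
]

if __name__ == "__main__":
    found, techs = classify(SAMPLE_EVENTS)
    for name, evs in found.items():
        print(f"{name}: {len(evs)} event(s)")
    print("techniques:", dict(techs))
    print("BHO -> DLL:", resolve_bho_dlls(SAMPLE_EVENTS))
```

Feeding the real trace through `resolve_bho_dlls` is the check worth doing here: if the BHO's InprocServer32 path equals the file dropped into System32, the three signatures describe one persistence chain rather than three unrelated behaviours.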

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           Technique                      ID     Count
  Persistence      Browser Extensions             T1176  1
  Defense Evasion  Modify Registry                T1112  2
  Discovery        Query Registry                 T1012  1
  Discovery        System Information Discovery   T1082  2

Tasks