General

  • Target

    c0e7f2a940e27b8f70a49d3be92e679f0baca87eb508cee47707d74d68a727ab

  • Size

    196KB

  • Sample

    221014-mc2hrsbaa2

  • MD5

    05557c0858fe25dd1d7d5782f79952e0

  • SHA1

    f57ead542458e178b5ae0b9b7ae15f8135639e88

  • SHA256

    c0e7f2a940e27b8f70a49d3be92e679f0baca87eb508cee47707d74d68a727ab

  • SHA512

    cedc30760cf98b41a05c539c2de0bf023d88de7a30d726f84c1a477cc3d8bf49b99bb69afb314c10220dfb07158f12df58e8b6f0d52e172e1bddc5d00d761e19

  • SSDEEP

    6144:EOh24K16oTJWvfU4+bOl8femcK/fObT/bGimszUg7Wqnb:9hOAoTMvs4+bOlNK/fObT/bGip77Rb

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
