General

  • Target

    9a4e1d8e34fc75bccddfc2b4be87b93f52339163bbdb8064d243c1b63469cd4a

  • Size

    43KB

  • Sample

    221123-lnxtaabh25

  • MD5

    28934fbe0c49bf00d792a515966ff61c

  • SHA1

    f49042fc7da86e033a4bf8fe7c31237dc80ac0d2

  • SHA256

    9a4e1d8e34fc75bccddfc2b4be87b93f52339163bbdb8064d243c1b63469cd4a

  • SHA512

    3e147c36e3fc406bbe872f1116fc799796033522a3667bee2b7a2c526461286f9d3c9ecb57325c7403a67d6dd8320ea74bcb0a4a644f1d96d3d9824f3ee7ca52

  • SSDEEP

    768:LTqjtdD8unmNFS4wajErK9mTN20n5k1f6H6jH+qqvtG12V8t1WyXZCN3kzUoMHCs:UumwlWS2ijDCzHCCrk

Score
8/10

Targets

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
