General

  • Target

    40e1d1d5c9cf760c8c84d6d1283b71dd8d281cde0fcf041ad779df681140f834

  • Size

    320KB

  • Sample

    221123-xjaczafb49

  • MD5

    5eb493f8d0d17a70eef7609e92ec1e08

  • SHA1

    352951067a8ec59a5c25db4b82369a4ee366f8e0

  • SHA256

    40e1d1d5c9cf760c8c84d6d1283b71dd8d281cde0fcf041ad779df681140f834

  • SHA512

    38662b27824328ff59e63ddcf5a26fe954f7a5b4f4d2a3a94514ccbab1d59b6b69dfd9ea5c3587285d168aa87c0de521fe35b98dccce8294f817121625de1237

  • SSDEEP

    6144:mLXiGKI//d8xgN3+E9xz3DfQr1w2O6EU02DPp9nrg5G35aJevhRGGhfZkEscw0Lc:oKg9+EDEnhtHAJevHsEscw0Lcqk

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks