General

  • Target

    c935430c9e6907a6d9f527b9bca3562ffe19e9a7e827f7d79ccf7c09ae9010fa

  • Size

    280KB

  • Sample

    221123-xn8fkaff29

  • MD5

    530d48fdf674b232be66f727bdcd5fa8

  • SHA1

    52c93089d1d4e26f81063ec05543c8b85b4b6bb3

  • SHA256

    c935430c9e6907a6d9f527b9bca3562ffe19e9a7e827f7d79ccf7c09ae9010fa

  • SHA512

    410bf9d53b2ddd9209e4371341e5aa8bf69751e53611ef3ad30ec8a338e74f63fa140888a45f9ebfff0ec533f79e8e61a9c87b7588e6be445e539f752f342b58

  • SSDEEP

    3072:DkW/v+/mkT/Ozb1/7Vc1tdjZQQLnQhhyBZ8Irfdaqebssot7rFVtWzdbcTfBX:DP2mK2bVMJuQ0hhynfdaJqNrtWzCd

Score
10/10

Malware Config

Targets

    • Target

      c935430c9e6907a6d9f527b9bca3562ffe19e9a7e827f7d79ccf7c09ae9010fa

    • Size

      280KB

    • MD5

      530d48fdf674b232be66f727bdcd5fa8

    • SHA1

      52c93089d1d4e26f81063ec05543c8b85b4b6bb3

    • SHA256

      c935430c9e6907a6d9f527b9bca3562ffe19e9a7e827f7d79ccf7c09ae9010fa

    • SHA512

      410bf9d53b2ddd9209e4371341e5aa8bf69751e53611ef3ad30ec8a338e74f63fa140888a45f9ebfff0ec533f79e8e61a9c87b7588e6be445e539f752f342b58

    • SSDEEP

      3072:DkW/v+/mkT/Ozb1/7Vc1tdjZQQLnQhhyBZ8Irfdaqebssot7rFVtWzdbcTfBX:DP2mK2bVMJuQ0hhynfdaJqNrtWzCd

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks