General

  • Target

    cf46dbf6f391bbda68ea3f1deab05c0c243965d75a5c9b264846d8b4ee522bd1

  • Size

    84KB

  • Sample

    221123-xp9d9aaf7t

  • MD5

    52c6bf9e0c3eb2279b15ad1ac914c11a

  • SHA1

    4033efecd576313ed6e54e3bf757b50dc9a53f43

  • SHA256

    cf46dbf6f391bbda68ea3f1deab05c0c243965d75a5c9b264846d8b4ee522bd1

  • SHA512

    6172c9e341771580a91ca23b495754521eacfb6033df4a2203c4dc577e922c7bbf0f8e2fedcc0f7ead9318f91b52189b283fbab63da9a693dcbbe59d4b126922

  • SSDEEP

    1536:hAa4Lg7bg4htUVGLG/wXJYPUj27dTYHq13i6E:hPUVeG/wXJYa27m

Score
10/10

Targets

    • Target

      cf46dbf6f391bbda68ea3f1deab05c0c243965d75a5c9b264846d8b4ee522bd1

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
