General

  • Target

    96febe122b80f6306e0beaa6d6ac2c05354a30b521a87cdf5abf7ea67780d2f9

  • Size

    336KB

  • Sample

    221124-agbfxshf4t

  • MD5

    1cd813342e06a0e8b60b44c38947e42c

  • SHA1

    ae39d7b341682025ff23039ca6b02938e87c421d

  • SHA256

    96febe122b80f6306e0beaa6d6ac2c05354a30b521a87cdf5abf7ea67780d2f9

  • SHA512

    4af6eb801430c4dc356665c5067f81399ea24df4322016252794eb7e35d9e707a4a401343ad9a5a4d9fa7df28389fdf43915b0233c40b5e7d46156b857ee4ab6

  • SSDEEP

    3072:EpmxpBtQGCltUWrEpmpXzKmpXzR84nDVkj4C2lXRWMvaTv/0qAdf564HP4oQZiEc:E8xpYGCleWBpDC2dRITv/HAf5NxWe

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application
