General

  • Target

    12b159b1ef76d78e73a67d4af165ac35c14f8f13a391173317ef20773b1092d5

  • Size

    172KB

  • Sample

    221124-agmtyshf51

  • MD5

    36599294488d8d5c658b33aab5688b93

  • SHA1

    c01eccebafbc78ed8d0544f3e4fec51decb1cfd0

  • SHA256

    12b159b1ef76d78e73a67d4af165ac35c14f8f13a391173317ef20773b1092d5

  • SHA512

    1e1d0cb0e447d9df7fa48526c04776afd503a1b9207f430cf57099fd765e2de5cc148c0bb7907dab68738df844f10009b566a3cd62863ed54b954dc32ed067de

  • SSDEEP

    3072:vChDLsNgqod3muDOqkVfbX936NDoZq4rvKyGXi:cDLsNgB3muDOqkpbX937Zq4ryi

Score
10/10

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks