General

  • Target

    2d8413b8e8eaeb757f75a29d5648fd5ff7799d1961bfbde5c8ca79bb5a9cf4a2

  • Size

    184KB

  • Sample

    221124-amny7seg99

  • MD5

    44abccdd4046e163e582a71628cc83b9

  • SHA1

    bd9a7231d1c6873cf53cfa062205d237fe58a236

  • SHA256

    2d8413b8e8eaeb757f75a29d5648fd5ff7799d1961bfbde5c8ca79bb5a9cf4a2

  • SHA512

    2d1c3bfec70480fb1268305716645a64cf8ddbd7e354ad88def35e518948c1f35e45835c51279b55a5207bd6833bea0a15d871ce0e150eadb7acae098d1fcee1

  • SSDEEP

    3072:u8Dg+HWoYTzCh46Knvmb7/D26ytQlw/Lg5q69srijEIS3A:0rpz6LKnvmb7/D26yQlw/Lg5qosri/Sw

Score
10/10

Malware Config

Targets

    • Target

      2d8413b8e8eaeb757f75a29d5648fd5ff7799d1961bfbde5c8ca79bb5a9cf4a2

    • Size

      184KB

    • MD5

      44abccdd4046e163e582a71628cc83b9

    • SHA1

      bd9a7231d1c6873cf53cfa062205d237fe58a236

    • SHA256

      2d8413b8e8eaeb757f75a29d5648fd5ff7799d1961bfbde5c8ca79bb5a9cf4a2

    • SHA512

      2d1c3bfec70480fb1268305716645a64cf8ddbd7e354ad88def35e518948c1f35e45835c51279b55a5207bd6833bea0a15d871ce0e150eadb7acae098d1fcee1

    • SSDEEP

      3072:u8Dg+HWoYTzCh46Knvmb7/D26ytQlw/Lg5q69srijEIS3A:0rpz6LKnvmb7/D26yQlw/Lg5qosri/Sw

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks