General

  • Target

    0ece2c6fb27475e05d1a1cb97f90bf071e25b1614284e1180a9aedccb047a32d

  • Size

    784KB

  • Sample

    221124-hpsdeaac6y

  • MD5

    ec47a45603a8236c6dc98b0ce551435f

  • SHA1

    99244390c76cb52fd8c3369f080029674dec8e7f

  • SHA256

    0ece2c6fb27475e05d1a1cb97f90bf071e25b1614284e1180a9aedccb047a32d

  • SHA512

    44391baed8b77cd9b385049510dc07af48058e7d29d4797f2fa8ccc07c76b0375164a86f4a61e7f88fd8fd7b5923d6ee5d03a3afb3d83010ff0e808b2c70b5dc

  • SSDEEP

    12288:sRWNcr8oxn1k/Kl6bwysjYjN8qTtPn/32R94XfnmDWYpCdXOPw1/9o0679XQon36:HNBI1azsEpTtPnWWmDWOCdeoRqgonq

Score
10/10

Targets

    Score
    10/10
    • Modifies firewall policy service

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
