General

  • Target

    68ebbad0a0a817193cfbf7888f66ec59bda4203acc273f17d903093f41878232

  • Size

    48KB

  • Sample

    221128-dvex2sbb53

  • MD5

    2e1521789fef92e8e2c753617d9d88b7

  • SHA1

    439da2ce27e2edaeda289d2ebe64e64f4d877c58

  • SHA256

    68ebbad0a0a817193cfbf7888f66ec59bda4203acc273f17d903093f41878232

  • SHA512

    8f96f68b5127e1050873bb2b1b6e53700282490fbe043b98b8f5dd4474e729b4304af673f22ad8d065c6c99f6268b3d6799a18d9e78d7abe606395b05c5b5ce8

  • SSDEEP

    768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67bhPC:Ub1MsHz3JDwhyWr+N95OTga6A

Score
10/10

Targets

    • Target

      68ebbad0a0a817193cfbf7888f66ec59bda4203acc273f17d903093f41878232

    Score
    8/10
    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Creates a Windows Service

    • Drops file in System32 directory
