General

  • Target: d215343a997a4490029742cb83600c479273a50bb5abf207702fa62d2c1a4f96
  • Size: 1.1MB
  • Sample: 221203-b17h5sgc6v
  • MD5: de785ddf31f4584d926b3d748d81abd3
  • SHA1: b147541b915ca063b7626d7c6f3081734273606d
  • SHA256: d215343a997a4490029742cb83600c479273a50bb5abf207702fa62d2c1a4f96
  • SHA512: 2dd106c7970808c065591b6c16fc03ff637f117fc6250a623f6d38fd6244a470c68ff4630602f5db0fec5be7679ca5e5d8fd4a9761400649186c503249029ff4
  • SSDEEP: 24576:H7DKqzqxf6nTH0JY/FLxhmadUN0ERgexN+BLyjOJ3FYrxG:H7DjqxfidFlhTUWmgMA4jmFKxG

Targets

    • Executes dropped EXE
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Loads dropped DLL
    • Adds Run key to start application
    • Installs/modifies Browser Helper Object: BHOs are DLL modules that act as plugins for Internet Explorer.
    • Drops file in System32 directory
