General

  • Target

    97cd799551f6771714a3de9cd81a7af31b56e5b0b038a4bb74b84dd544ed38e7

  • Size

    387KB

  • Sample

    221203-b3b51sgd3t

  • MD5

    41dc3a1eb53f7bc46a7ec58b0c3da050

  • SHA1

    c8746781e2db7e78e0ca86a23d17ace1e0c9c6a1

  • SHA256

    97cd799551f6771714a3de9cd81a7af31b56e5b0b038a4bb74b84dd544ed38e7

  • SHA512

    c3fbef716fedcde10cb53c46b80815a43ca462621f4f391c49d2a268c8dc296d3695bd4cf5524c5f06d5db0adae73001c41ead5ea5c668e8835ee7141be39da1

  • SSDEEP

    6144:N6YajbofxCvF1SU55sN+ha1QXcHIitVTTDePcnIlErGE1eyDBYycXKu56WkcfdDf:bW6U55scZsHIh+6EQM4XKuL9dD5uhm

Malware Config

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks