General

  • Target

    bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

  • Size

    749KB

  • Sample

    221203-yvvzgsfc2y

  • MD5

    829698894b4a13b4a683f97301b0f682

  • SHA1

    353513afd1d98071ebe6090cb4b793e30422a2c3

  • SHA256

    bdcedbdf02b51d0b53e116edda0d39155d7c5d4374bfc5a8b9d7bbf1a6664b88

  • SHA512

    8500418d814d1cc145492c73a82b3a247f83fb6a89a3c6506fe925107795c1060038636e58b55e47f196ae1e07b851e4f99cb5a733bfdbe4d574b31a323aea5b

  • SSDEEP

    12288:g72bntEL772bntELDRFj47+572bntEL772bntELDRFj47+HDn0:g72ze72z2Ky72ze72z2K80

Score
10/10

Malware Config

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks