General

  • Target

    c891e4f4c968b0ebff41c99cec500a34fb32ac20f34db79b7ae47861af151d5c

  • Size

    125KB

  • Sample

    221206-xpwhdsgh8s

  • MD5

    50723b816399880574cfa25f57f86a36

  • SHA1

    1aea3b292fa55558800f4464ec5a86bea359c74d

  • SHA256

    c891e4f4c968b0ebff41c99cec500a34fb32ac20f34db79b7ae47861af151d5c

  • SHA512

    d62a55c0adf7881063b46992c48ed42f71b4054b9bbab2279f7a0c838e79eefd409cafe5257502050f282b4e9b08c63ec6faf7265df45f0b9a14f62c4d525190

  • SSDEEP

    3072:Gfw4bgpkBFVIBT8mC9rWRvyOHYDJMU4c4gABQJEKbgrzY6S:SpgpkBFV+YrbKY3l4gKQJwzU

  • Score

    8/10

Targets

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
