General

  • Target

    64cec275ee4757744cf10734800f88e3fc954bf91e4dce6f559861c7647ab814

  • Size

    1.2MB

  • Sample

    230423-z4lb3she6w

  • MD5

    c2ff9058d84a932e14baa873438d32eb

  • SHA1

    d1a4da5b2791b33e86a0259a3f4e55d83023d170

  • SHA256

    64cec275ee4757744cf10734800f88e3fc954bf91e4dce6f559861c7647ab814

  • SHA512

    010b97786478dae0865aeff44d23c1920803cd161758257bf2f5a1f533414b1edc5546aa276aa5b8de48724eb4f2b5003d4cf5762edec3c1102997ea7a3b8913

  • SSDEEP

    24576:Qu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:d0+BshUC1VzUjjPP0/

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks