General

  • Target

    3f1ba0dace898dc2cee247de5e15f068.exe

  • Size

    252KB

  • Sample

    231116-dt6z5sfc92

  • MD5

    3f1ba0dace898dc2cee247de5e15f068

  • SHA1

    e1fe1e8a75d490ea13736b38133a1ba930dca7e1

  • SHA256

    2057c7a12abf4e22415003004e057868610c699809b749f10aa9708b4c81157a

  • SHA512

    6ac4813ecbdcaa09659977508b7a97c7b0ec6322ba0a75b502ca07bc0a91759f07cc755f5348502f70cb7c9fcf1fffc0f96bd9b45ceeb254829cdca87a62f59a

  • SSDEEP

    3072:Bjf6OLLuaZj8wp6wPZ0FHQzzdoPCU1C6g2Okt6iZ0R2RYcBXSJckSHCAu:5LLXZLGHQz53U1C6gJYRnCJ

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
