General
Target: 1211a47e1a6d01156685c2bcbaefb7ea
Size: 3.8MB
Sample: 231230-h8rwzschb9
MD5: 1211a47e1a6d01156685c2bcbaefb7ea
SHA1: 10020358dabd8961d7801287e09b42e80e5a3695
SHA256: 88731d2aa902f1b7a580d143c96a4a401bb8c34a20de87945936ee4db8fd7ca0
SHA512: 9fecc432e57088f0d62aa02d1710430dc894bb88a9ba698b6599e98d72670d85520f8d5226b301eb27fce8ef75ba668f9d1e8edb21639916950938ed1e704427
SSDEEP: 49152:ZTaY6tV3zSYiaAKl1YEmGeRJ/Wouej0lvSXnif2vhpOw+RKr6V7YEAqNmxsa5w2x:szVD0aAgtg7o2vzTW5Ynl5tCC
Static task: static1
Behavioral task: behavioral1
Sample: 1211a47e1a6d01156685c2bcbaefb7ea.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1211a47e1a6d01156685c2bcbaefb7ea.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 1211a47e1a6d01156685c2bcbaefb7ea
Score: 8/10
Creates new service(s)
Sets file execution options in registry
Stops running service(s)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (2)
    Windows Service (2)