General

  • Target

    a2dba1c2bc5e1c6ef5b24b9696931fc2.exe

  • Size

    42KB

  • Sample

    240107-x3qt3acdbl

  • MD5

    a2dba1c2bc5e1c6ef5b24b9696931fc2

  • SHA1

    e17a77a0d792b4a2cccff7b94811b41717177d57

  • SHA256

    4d13e38b17be7dca32c5b5463319edd333843e822ceaf3fa93f32716fb1c9a78

  • SHA512

    9884accb7fc978f2b591a4eaa40f145a03096287064e557bb24e6a67b0686bf9a7df3e6d7c5592241eaead1287493fd9f9eead32282f7a217409a9ff8428b79b

  • SSDEEP

    768:gSz0/XBwayCUOwV3TNZHdrPeqzEWvpbPwSMX6+w6pqZxLdeVgol9D8888888888s:BzOCay4wV339rPjzbpLwRJ9pSdoI5

Malware Config

Targets

    • Target

      a2dba1c2bc5e1c6ef5b24b9696931fc2.exe


    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks