General

  • Target

    ad2be94e53accd04c0208f07b899537a.exe

  • Size

    172KB

  • Sample

    240107-yct98scgdk

  • MD5

    ad2be94e53accd04c0208f07b899537a

  • SHA1

    2f73299dd10def12bb03f821f437db90e5551252

  • SHA256

    79df9ee1032fe0605b22bac0088e8114eb951c309bdc8398cebce36f2118ee8d

  • SHA512

    f9dfb332a3fba2ead037e1c2d90a7b84418c5e85d2ea010137d7096ac121d74c9494bb9405e8a3bbf35c2285beab46300bf7b3df772159013acc48439e20b86d

  • SSDEEP

    3072:fFo3QXXeRgw3tiKnvmb7/D26nYNpnHzqTT8RUFwjkKvLg3dvCgIHzmWZAlGbBmik:uAXXeR1UKnvmb7/D26nSnTqTT8RUFwjI

Score
10/10

Targets

    • Target

      ad2be94e53accd04c0208f07b899537a.exe

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
