General

  • Target

    4a6717cf96fda75ae89fbbca62c40cdb

  • Size

    156KB

  • Sample

    240108-erfkvaahal

  • MD5

    4a6717cf96fda75ae89fbbca62c40cdb

  • SHA1

    314d804ea942e037a628e03f82036b40498e88ac

  • SHA256

    5b591de37b0f211e05e991bb3cf6c3be30e0512280e63320a20b90cca103c0b7

  • SHA512

    5dfcedaf1f672ddf3a7a4f5f7fcf3560fa1a9fa5c3dd869bf887506245ad073a87718d16fcd441b1c9998996ff0a79f3dd779b99339da9be45c650d48023dea7

  • SSDEEP

    3072:IGoe5g+GwD8w2+d5bWIrJ4E5n41sSLeH8ozK/d/18UlyG4oQZiEIJ:I2WIrJ4E5n41pVN/jhFWA

Score
10/10

Malware Config

Targets

    • Target

      4a6717cf96fda75ae89fbbca62c40cdb

    • Size

      156KB

    • MD5

      4a6717cf96fda75ae89fbbca62c40cdb

    • SHA1

      314d804ea942e037a628e03f82036b40498e88ac

    • SHA256

      5b591de37b0f211e05e991bb3cf6c3be30e0512280e63320a20b90cca103c0b7

    • SHA512

      5dfcedaf1f672ddf3a7a4f5f7fcf3560fa1a9fa5c3dd869bf887506245ad073a87718d16fcd441b1c9998996ff0a79f3dd779b99339da9be45c650d48023dea7

    • SSDEEP

      3072:IGoe5g+GwD8w2+d5bWIrJ4E5n41sSLeH8ozK/d/18UlyG4oQZiEIJ:I2WIrJ4E5n41pVN/jhFWA

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks