General
-
Target
526d7951a97374ff8c718d82e501093e
-
Size
17KB
-
Sample
240111-d6djcsefh5
-
MD5
526d7951a97374ff8c718d82e501093e
-
SHA1
1789d5d0beb35df4b1c87d6c071467455da9a439
-
SHA256
c9517c51aa5a1d45780f8da2a4b3396f07a0979031f8ce834f0329877d0c04f5
-
SHA512
eb7debea038e7fe2f9c523e58205a504f4bb3176c737122aec7b497d0af66a85615f9051f15f233de2766335c9bea601630d7d79c552806fae24c2d59ed4d588
-
SSDEEP
384:I5iFBXU63ba0n7PmpIfRRb0Gn1aNJawcudoD7UMxS:PBXUCa0HOnbcuyD7UMQ
Malware Config
Targets
-
-
Target
526d7951a97374ff8c718d82e501093e
-
Size
17KB
-
MD5
526d7951a97374ff8c718d82e501093e
-
SHA1
1789d5d0beb35df4b1c87d6c071467455da9a439
-
SHA256
c9517c51aa5a1d45780f8da2a4b3396f07a0979031f8ce834f0329877d0c04f5
-
SHA512
eb7debea038e7fe2f9c523e58205a504f4bb3176c737122aec7b497d0af66a85615f9051f15f233de2766335c9bea601630d7d79c552806fae24c2d59ed4d588
-
SSDEEP
384:I5iFBXU63ba0n7PmpIfRRb0Gn1aNJawcudoD7UMxS:PBXUCa0HOnbcuyD7UMQ
Score8/10-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1