General

  • Target

    8000b2fdf68ad3a9066fe13d20d56520

  • Size

    17KB

  • Sample

    240129-q7gcvsbcb7

  • MD5

    8000b2fdf68ad3a9066fe13d20d56520

  • SHA1

    4705cd2c35acc2e725692b90265e5c4a30feb8eb

  • SHA256

    b5a38660739a97b47e9a35626bec19a0d4575aa3d6f2379a479283c64a7d0b96

  • SHA512

    232ba0fcb410cb05711edef762a2fd075291597bbdf59124019da955af3e47bf221362e65f9f209a8fa483312cd43f3d1ab7f2421403a96381670c98a5e802eb

  • SSDEEP

    384:lF+x00gZcmZO2Zp+Nye8pqrmub8TyztsDN:lAngZoKK8o8TyJc

Score
8/10

Targets

    • Target

      8000b2fdf68ad3a9066fe13d20d56520

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
