General

  • Target

    047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957

  • Size

    8.3MB

  • Sample

    240202-w658gsegar

  • MD5

    addafed6560daa08e456d9b31fbd9979

  • SHA1

    97c8abdb71a869779259c547f5bd37407f321a5d

  • SHA256

    047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957

  • SHA512

    b824e59bb54cdb8be73c9e231f43bef849281f7380ce8e089d9e0b4cad40e50cfee429f9f7187591274903741a1276f1402de4be266478120a12a0ca08d3b50e

  • SSDEEP

    196608:7EnuGWhh+6ZLnb4bRwLLlc1kd0HGU/hSZFNqgCbljhk:r0+LnuRwH+IFZ3qpbli

Malware Config

Targets

    • Target

      047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957

    • Size

      8.3MB

    • MD5

      addafed6560daa08e456d9b31fbd9979

    • SHA1

      97c8abdb71a869779259c547f5bd37407f321a5d

    • SHA256

      047ec05ab6fef687573f426713e3e882c36861bcedd0f65fb3e6a6c6b5a3a957

    • SHA512

      b824e59bb54cdb8be73c9e231f43bef849281f7380ce8e089d9e0b4cad40e50cfee429f9f7187591274903741a1276f1402de4be266478120a12a0ca08d3b50e

    • SSDEEP

      196608:7EnuGWhh+6ZLnb4bRwLLlc1kd0HGU/hSZFNqgCbljhk:r0+LnuRwH+IFZ3qpbli

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks