General

  • Target

    67f29e422c1bc776543bb140db9ba58fde7cb77c0fed322e85c439e794f74b78

  • Size

    3.1MB

  • Sample

    240222-kf11asef7w

  • MD5

    557db64dcdd886cc31cc5b02908b1ef1

  • SHA1

    7a8ce1216f0325abef220766661942dfa7067d29

  • SHA256

    67f29e422c1bc776543bb140db9ba58fde7cb77c0fed322e85c439e794f74b78

  • SHA512

    81f44ec248af6706415a0aebcff0188390a50b8d8d742564feae955dbe31115b33f7562af1b355e32e7ea59d4dade2ded5749a0e27511617be6e8c2265a3d71d

  • SSDEEP

    98304:ynni7NafIxrTuf0HrMeXQJfcNUjQRmmCgx:Z/ffMegZcqjQRtCgx

Targets

    • Target

      67f29e422c1bc776543bb140db9ba58fde7cb77c0fed322e85c439e794f74b78

    • Possible privilege escalation attempt

    • Registers new Print Monitor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
