General
-
Target
a32ecdaa56afd6b209c6233f3742d1c2
-
Size
369KB
-
Sample
240225-hz8s5sfc3y
-
MD5
a32ecdaa56afd6b209c6233f3742d1c2
-
SHA1
a05f87d3435dad50c66b849066026573df7cd37c
-
SHA256
b0f3d40d756fd6f873d42a90d5bdb06fd024fa61e26e2708d42cf444b707c42a
-
SHA512
967fa35552e0c63676539eff8de25cc087d5ac994e5fb32a9a73da01d53f22f0b20ae3177801a1ea535d5f5280a6d1cddcfb8facb3efaa56c8ee65bfe0d708fe
-
SSDEEP
6144:NED1ORcsbE71cNwPLvoqg0R2VhPefm0TorDtSINX0wz4PtqcNT1rBqUqyDJ:pTY71c2obY7ILGxqCvzqyDJ
Malware Config
Targets
-
-
Target
a32ecdaa56afd6b209c6233f3742d1c2
-
Size
369KB
-
MD5
a32ecdaa56afd6b209c6233f3742d1c2
-
SHA1
a05f87d3435dad50c66b849066026573df7cd37c
-
SHA256
b0f3d40d756fd6f873d42a90d5bdb06fd024fa61e26e2708d42cf444b707c42a
-
SHA512
967fa35552e0c63676539eff8de25cc087d5ac994e5fb32a9a73da01d53f22f0b20ae3177801a1ea535d5f5280a6d1cddcfb8facb3efaa56c8ee65bfe0d708fe
-
SSDEEP
6144:NED1ORcsbE71cNwPLvoqg0R2VhPefm0TorDtSINX0wz4PtqcNT1rBqUqyDJ:pTY71c2obY7ILGxqCvzqyDJ
Score10/10-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1