General

  • Target

    56df66ed0f0b1af511e3b84ae5615a6712c4dad3c00dda2b4cdd10705d161178.exe

  • Size

    1.7MB

  • Sample

    240228-t7lt5agf51

  • MD5

    9ebf53f2ef3ffdd38094e3a1562c7c37

  • SHA1

    27f16fec7eb545da99a8d0855266b629a8dbc45d

  • SHA256

    56df66ed0f0b1af511e3b84ae5615a6712c4dad3c00dda2b4cdd10705d161178

  • SHA512

    6ca9994916f23b91ce4e6e22c5ef3bf98710df83d2a23f09f6c4a0c756e9861328245a58f26d6cb6f3b2e1a7a633c91ceb8b34b4e47cde4890a00ac0db8ce30a

  • SSDEEP

    49152:lZ9EOSLHKgzMksqzLD+R4nSyfKsrcux8pfXC2e/8:pczKgzMkBnSypAuipC3/8

Targets

    • Target

      56df66ed0f0b1af511e3b84ae5615a6712c4dad3c00dda2b4cdd10705d161178.exe

    • Detects executables packed with Dotfuscator

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Modifies file permissions
