General

  • Target

    Kontakt7.zip

  • Size

    565.5MB

  • Sample

    240302-3bva3aaf99

  • MD5

    560b182c5cd7e1fae40ba8a3d6cdce1c

  • SHA1

    1d68b2d127e79c935fa49a11f06963e8296371fb

  • SHA256

    16d9bc3d5e59df1878984cfd3d755a8eff71e35bd87cad9d6d14450badc0be9e

  • SHA512

    768f975471d6632d9672850344f40c57f6f5086c76e578b1db0d035ca8d5ed803c16ed2e995a8cbef2a937c7d7e8015f95deb028dc5582e5ade077e40069b927

  • SSDEEP

    12582912:KxY/pcRS3aD0X68vFhQJQSStjrtCjLYL9RZyqzH6sNkG7RPZ:KxY/cS3aD0fLqYLvZBH6s/VPZ

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
