General

  • Target

    babe215ff77078113313eff8161945bf

  • Size

    152KB

  • Sample

    240308-g6q18shd26

  • MD5

    babe215ff77078113313eff8161945bf

  • SHA1

    ba7f0d54a5bf5bd8d3e06ee2e1b4b160905c68c3

  • SHA256

    4422e11047ddb8f2cc9926337530aed01a1a7938f399763fba22edccd572bb86

  • SHA512

    1490acfc6636c0ed2433bb9ec8bec6217134478e01988ca6ce92d67011450c47fd9ff53caa7393a2eea259dd0ecce5a700eaa183632483af4cf4242786e15d92

  • SSDEEP

    3072:WjjxMuf9SCDGZRImwnpDT/B660vYSrwCL8sN01jsvmus0I:WOu5SREnpDT/M60vYSrwCLSsv/

Score
10/10

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
