General
Target: 03821a79ec633526bdbb0aa6aa8e7cdfa67d8207444133d9467f75196da99612
Size: 392KB
Sample: 240309-x14m5sge8w
MD5: 1839f51ab6ca69146fc987a3d8748f0a
SHA1: cb0de654492fc306aaf40a23e4bdb19b3fbb7f1e
SHA256: 03821a79ec633526bdbb0aa6aa8e7cdfa67d8207444133d9467f75196da99612
SHA512: d6b70197615f2523c941a89bdf59b0eb11adf0eb716661414282b2cce81f057d07466e618f1fbc8bf629f787e36d1821143813c1eadffca036f68858ea7f08ba
SSDEEP: 12288:401XB3fTg2RV36C3GwBkzZjwFu6mY3gOfgSN:401XB3fx361Ukd8zN3gsv
Static task: static1
Behavioral task: behavioral1
Sample: 03821a79ec633526bdbb0aa6aa8e7cdfa67d8207444133d9467f75196da99612.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 03821a79ec633526bdbb0aa6aa8e7cdfa67d8207444133d9467f75196da99612.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target
03821a79ec633526bdbb0aa6aa8e7cdfa67d8207444133d9467f75196da99612
Score: 8/10
Modifies Windows Firewall
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)