General
-
Target
c031b1ba9e85008952c1f01828a21d02
-
Size
17KB
-
Sample
240311-kzydhsgc2w
-
MD5
c031b1ba9e85008952c1f01828a21d02
-
SHA1
a3664031a624acdeb71063092e9339197cbac192
-
SHA256
ab79436e9124e23de074759ba688af1faa920f984451b24d73fe55552e636e05
-
SHA512
6d808bb608cf89f4dbfb140705024d3a249ac535a87628464f146d84545f01ed36b4eb73e1ff2e48a7a712e3601fc003436d8ca60336cb1aa26bb8f9cee33f10
-
SSDEEP
384:h5kAsWojnwgtfgXUMn3QtXP/U1SQuwWaNJawcudoD7U8xt:cWoDVYXUDXP82QnbcuyD7U8D
Static task
static1
Behavioral task
behavioral1
Sample
c031b1ba9e85008952c1f01828a21d02.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c031b1ba9e85008952c1f01828a21d02.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
c031b1ba9e85008952c1f01828a21d02
Score
8/10
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)