General
-
Target
cc323071214de01593a3c3c5bb93cc34
-
Size
132KB
-
Sample
240315-xtfyhage8s
-
MD5
cc323071214de01593a3c3c5bb93cc34
-
SHA1
918d2456c5d4dc3339b8ab72827aa85d98b42e94
-
SHA256
10abc598d5b01f83c197d3d06f6a33c16704410a2ebc0d13768da9651e72f60c
-
SHA512
35309b6ef08904303c379399d30d7bed892363914d188cf778a9f48989fd3b3c285e50659324ec14153d0d510df65ad165405beebf6538cb6786dde4ce2dd01f
-
SSDEEP
768:P/raHM782f9rvs2Zg5nicskQzTGfxgzh3emu4v/eB4z7VP7LdGSu2HyTAzfMgTA1:P/roM7ZJfUQWgY54v
Static task
static1
Behavioral task
behavioral1
Sample
cc323071214de01593a3c3c5bb93cc34.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
cc323071214de01593a3c3c5bb93cc34.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
cc323071214de01593a3c3c5bb93cc34
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
3