General

  • Target

    db2283341a6925851c2c950661d54014

  • Size

    270KB

  • Sample

    240321-j4ge5afb45

  • MD5

    db2283341a6925851c2c950661d54014

  • SHA1

    c37035c71dfaa89aa2f7781821a514647031918c

  • SHA256

    44273f3e4f2bc00cf52f41ea868c2e37adfbbc61794624616fab4654210252a0

  • SHA512

    0049ef7bbf69d0f9a36024c0c63762aa56cfcdf8f62e23c67ddc6b7412b3d4268d3ee19388caea20aec76dd742efd854a4ae086644e7d9f4d2357ec38b5ac55d

  • SSDEEP

    6144:eY94N0vEqad1998guXoQNPrdhgmfJsMojICJSFdLhL5exFwT:19Ot79n4Tv2zJW9L5cU
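The hashes above are the identifiers to match a local copy of the sample against before doing anything else with it. The script below, an added example that is not part of the sandbox report, copies the report's MD5/SHA1/SHA256/SHA512 values into a dictionary, hashes a file once in a single pass, and lists every algorithm that disagrees. The file path is supplied by the caller; SSDEEP is left out because it needs the external ssdeep package rather than the standard library.

```python
"""Verify that a local file matches the digests recorded in this report.

Added example, not from the sandbox report. REPORT copies the report's own
hash values; the file path comes from the caller.
"""
import hashlib
import io
import sys

# Digests exactly as listed in the report's General section.
REPORT = {
    "md5": "db2283341a6925851c2c950661d54014",
    "sha1": "c37035c71dfaa89aa2f7781821a514647031918c",
    "sha256": "44273f3e4f2bc00cf52f41ea868c2e37adfbbc61794624616fab4654210252a0",
    "sha512": "0049ef7bbf69d0f9a36024c0c63762aa56cfcdf8f62e23c67ddc6b7412b3d4268d3ee19388caea20aec76dd742efd854a4ae086644e7d9f4d2357ec38b5ac55d",
}


def digest_stream(stream, chunk_size=1 << 16):
    """Hash a file-like object in one pass, feeding every chunk to all four digests.

    Returns (size_in_bytes, {algorithm: hexdigest}).
    """
    hashers = {name: hashlib.new(name) for name in REPORT}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    return size, {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Convenience wrapper for in-memory data (used for testing)."""
    return digest_stream(io.BytesIO(data))


def compare(observed, expected):
    """Return {algorithm: (expected, observed)} for each mismatch; an empty dict means a full match."""
    return {
        name: (expected[name], observed[name])
        for name in expected
        if observed[name] != expected[name].lower()
    }


def verify_file(path, expected=REPORT):
    """Hash the file at `path` and compare it with `expected`."""
    with open(path, "rb") as f:
        size, observed = digest_stream(f)
    return size, compare(observed, expected)


if __name__ == "__main__":
    size, mismatches = verify_file(sys.argv[1])
    print(f"{size} bytes")
    for name, (exp, obs) in mismatches.items():
        print(f"MISMATCH {name}: report {exp} / file {obs}")
    if mismatches:
        sys.exit(1)
    print("all four digests match the report")
```

Run it as `python verify.py sample.bin`; a non-zero exit means at least one digest differs, which is the signal that you are holding a different file (repacked, truncated, or simply the wrong download) than the one this report describes.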

Malware Config

Targets

    • Target

      db2283341a6925851c2c950661d54014

    • Checks computer location settings

      Reads the country code configured in the registry (the locale values under HKCU\Control Panel\International, or the system NLS keys under HKLM\SYSTEM\CurrentControlSet\Control\Nls). This is most likely a geofence: the sample decides whether to run based on the victim's configured country, so it may stay inert in a sandbox whose locale is not the one it targets.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      A Browser Helper Object (BHO) is a COM DLL that Internet Explorer loads in-process at startup. Registering one gives the sample both persistence and a position inside the browser from which it can read or alter page content and traffic. Registrations live under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CLSID}, and the DLL path is the default value of that CLSID's InprocServer32 key.

    • Drops file in System32 directory
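The Run-key and Browser Helper Object behaviors above are the two registry footprints a responder can check for on a suspected host. The script below is an added example, not part of the sandbox report: it parses a registry export (.reg text, as produced by `reg export` or regedit), lists every Run/RunOnce autostart and every BHO registration, resolves each BHO's CLSID to its DLL path through InprocServer32, and marks entries whose binary sits in a user-writable directory. The SAMPLE_REG text, the CLSID, the file names and the user name in it are constructed for illustration and are not indicators from this sample.

```python
"""Triage a Windows registry export for Run-key autostarts and BHO registrations.

Added example, not from the sandbox report. SAMPLE_REG is constructed; the
CLSID, paths and user name in it are invented, not indicators from this sample.
"""
import re
import sys
from pathlib import PureWindowsPath

RUN_KEY_SUFFIXES = (
    r"\software\microsoft\windows\currentversion\run",
    r"\software\microsoft\windows\currentversion\runonce",
)
BHO_MARKER = r"\browser helper objects\\"[:-1]  # "\browser helper objects\"
# Directories an unprivileged user can write to; an autostart pointing here deserves a closer look.
USER_WRITABLE = ("appdata", "temp", "tmp", "programdata", "public", "downloads")

# "Name"="value" or @="value"; names may contain escaped quotes.
VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')

# Constructed export: one legitimate autostart, one dropped binary in %TEMP%, one BHO.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\alice\\AppData\\Local\\Temp\\svchost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Windows\\System32\\helper.dll"
"ThreadingModel"="Apartment"
"""


def parse_reg(text):
    """Return {key_path: {value_name: value}}. '' is the default value; hex:/dword: values stay raw."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = re.sub(r"\\(.)", r"\1", m.group(1) or "")
            value = m.group(2)
            if value.startswith('"') and value.endswith('"'):
                value = re.sub(r"\\(.)", r"\1", value[1:-1])  # unescape \\ and \"
            keys[current][name] = value
    return keys


def command_path(command):
    """Executable path from a Run command line: the quoted path, else the first token
    (heuristic: an unquoted path containing spaces is cut short)."""
    m = re.match(r'^"([^"]+)"|^(\S+)', command)
    return (m.group(1) or m.group(2)) if m else command


def classify(path):
    """'suspicious' when any path component is a user-writable directory, else 'review'."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    return "suspicious" if any(w in parts for w in USER_WRITABLE) else "review"


def triage(keys):
    """Return (kind, key, name_or_clsid, path, verdict) tuples for autostarts and BHOs."""
    findings = []
    for key, values in keys.items():
        lower = key.lower()
        if lower.endswith(RUN_KEY_SUFFIXES):
            for name, cmd in values.items():
                path = command_path(cmd)
                findings.append(("run", key, name, path, classify(path)))
        elif BHO_MARKER in lower:
            clsid = key.rsplit("\\", 1)[-1]
            # The BHO key itself only names the CLSID; the DLL lives in HKCR\CLSID\{...}\InprocServer32.
            dll = keys.get(f"HKEY_CLASSES_ROOT\\CLSID\\{clsid}\\InprocServer32", {}).get("")
            verdict = classify(dll) if dll else "review"
            findings.append(("bho", key, clsid, dll or "(unresolved)", verdict))
    return findings


if __name__ == "__main__":
    # regedit/reg export write UTF-16 LE with a BOM; "utf-16" handles the BOM.
    text = open(sys.argv[1], encoding="utf-16").read() if len(sys.argv) > 1 else SAMPLE_REG
    for kind, key, name, path, verdict in triage(parse_reg(text)):
        print(f"{verdict:10} {kind:3} {name:45} {path}")
```

Run with no arguments to see the constructed sample, or pass an export taken with `reg export HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion hklm.reg` (and the HKCU and HKCR equivalents) from the host under investigation. The verdict is only a first cut: a dropped file in System32, as this sample does, will come back as "review", so every BHO entry and every Run entry pointing at an unfamiliar binary still needs its hash checked against the report.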

MITRE ATT&CK Enterprise v15

Tasks