General

  • Target

    N360-ESD-22.20.5.39-EN.exe

  • Size

    182.6MB

  • Sample

    240323-h924caee78

  • MD5

    c179f7d042f45101ff3a198004514cf4

  • SHA1

    94ae03eedcfb23fcebbee53f6120d601d6e5a9fe

  • SHA256

    bb25d8e75f97ec0040a30361fade5f5fb17cb282502928f5e4344b7193490974

  • SHA512

    a39976e86735c266a6d7e7a22d7b1762c8f03dfa2e95528f9cda46de96e889594f327efd1a23717058d16e549ba4abb1f13f7765cafcc662969ac8dbacaaedaa

  • SSDEEP

    3145728:OX39GeVIqEhI3o4dwuG2Z/0peaElPssxz9jzPhfl7DotpZbY8GClJsgWCZ2QCptW:G3EYIE5dG0iFvEz9JFDupZbIe9WCZ2QN

Malware Config

Targets

    • Target

      N360-ESD-22.20.5.39-EN.exe

    • Drops file in Drivers directory

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
