General

  • Target

    77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d

  • Size

    2.1MB

  • Sample

    240522-3bv8csch77

  • MD5

    b020de0b8135bfd41b136eb5b8572f2e

  • SHA1

    e9382178428409fde954fa4d1b7ad32781dbb305

  • SHA256

    77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d

  • SHA512

    6cdef0024a5570c0e6549da081ce4aa94a088009626cb9571e15515c7ea2062d6f8cf54e3c7b9074c9e566e6ed8d4b65bf62ec27d759675339b97e502b63114d

  • SSDEEP

    49152:bYi2aV8V9QaHywQlYAiN9ef/3IXtdOOqxbwPsR7mGhQ:EAQxUlYTqVRLhQ

Score
10/10

Targets

    • Target

      77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
