General

  • Target

    e586cace523ff7c8643837332b4ad0e896c4f90c1e56e8681b9669659d9c7b27

  • Size

    39.4MB

  • Sample

    240524-wpmd2see83

  • MD5

    6f515d2a9452d3b3a9856cab3e18e077

  • SHA1

    ca1bfa791bb17ab23fdfc56dae2b04dd58d7b744

  • SHA256

    e586cace523ff7c8643837332b4ad0e896c4f90c1e56e8681b9669659d9c7b27

  • SHA512

    d996e2d061e0e3268de97ead7f0843d7f41726bb95a845894cfcf77160cb362fc4076b907e9e365050be50ec637d838807522b747339902ee5aa68a04fa1e397

  • SSDEEP

    786432:Okxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVH+Lp:Osdqqez9H7wWPRt3f3bXo1wNq

Malware Config

Targets

    • Target

      e586cace523ff7c8643837332b4ad0e896c4f90c1e56e8681b9669659d9c7b27

    • Size

      39.4MB

    • MD5

      6f515d2a9452d3b3a9856cab3e18e077

    • SHA1

      ca1bfa791bb17ab23fdfc56dae2b04dd58d7b744

    • SHA256

      e586cace523ff7c8643837332b4ad0e896c4f90c1e56e8681b9669659d9c7b27

    • SHA512

      d996e2d061e0e3268de97ead7f0843d7f41726bb95a845894cfcf77160cb362fc4076b907e9e365050be50ec637d838807522b747339902ee5aa68a04fa1e397

    • SSDEEP

      786432:Okxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVH+Lp:Osdqqez9H7wWPRt3f3bXo1wNq

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks