General

  • Target

    9a5872645e1b01c7389a2fb86351565c9829e38f55afca3b606ac1447ed81df2

  • Size

    40KB

  • Sample

    240525-blt99shf37

  • MD5

    49d0d7418b0eb7009af6f2bcbdc347cd

  • SHA1

    9a311d6e709487777da863e57571f8d3b38f9207

  • SHA256

    9a5872645e1b01c7389a2fb86351565c9829e38f55afca3b606ac1447ed81df2

  • SHA512

    061fc171e528fa63d08598a17b1964abecb630d02f6c5f5556307f5cb912a2d1b9889647e46f1be889018f71da8888b89880733cc1abde94e532d9ef32e07833

  • SSDEEP

    768:f+fko/XiyhMpp8F9bdHXtHs7CQpcdHoCCvc:f1khM38F95NWee1vc

Score
10/10

Malware Config

Targets

    • Target

      9a5872645e1b01c7389a2fb86351565c9829e38f55afca3b606ac1447ed81df2

    • Size

      40KB

    • MD5

      49d0d7418b0eb7009af6f2bcbdc347cd

    • SHA1

      9a311d6e709487777da863e57571f8d3b38f9207

    • SHA256

      9a5872645e1b01c7389a2fb86351565c9829e38f55afca3b606ac1447ed81df2

    • SHA512

      061fc171e528fa63d08598a17b1964abecb630d02f6c5f5556307f5cb912a2d1b9889647e46f1be889018f71da8888b89880733cc1abde94e532d9ef32e07833

    • SSDEEP

      768:f+fko/XiyhMpp8F9bdHXtHs7CQpcdHoCCvc:f1khM38F95NWee1vc

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks