General
Target: a67df0a8b32bdc5f9d224db118b3153f66518737e702314873b673c914b2bb5c.zip
Size: 575KB
Sample: 240525-xbd17aed37
MD5: f7f1b1a26fee41fb63a657cbdefadf55
SHA1: a0e8af691d323f1d0fae6a8c5a936e6afe6c4544
SHA256: 774bc51c7a1c63d3452ad7183db50034131d1c8deb0244ef7356bd7300a34ca6
SHA512: 3c36f397b2b7f40ef570c77c54805f17ba0e6fde6e0fb99f9aaa5246d6adf89a53824850af927eae0c8c9c76e3e24dba688963fa0075817640ae3f380fa9046c
SSDEEP: 12288:Lbf6tHFErVtcy3thqHTwmWNiRRWp/hYBmHPY9ZDRQlcAmjw8xRvbeBiC7G:nf6dWrRth8GNcRqhYBmvY9ZDcXmjwSpN
Static task: static1
Behavioral task: behavioral1
Sample: a67df0a8b32bdc5f9d224db118b3153f66518737e702314873b673c914b2bb5c.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: a67df0a8b32bdc5f9d224db118b3153f66518737e702314873b673c914b2bb5c.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: a67df0a8b32bdc5f9d224db118b3153f66518737e702314873b673c914b2bb5c
Size: 986KB
MD5: 338476c2b0de4ee2f3e402f3495d0578
SHA1: 03916123864aa034f7ca3b9d45b2e39b5c91c502
SHA256: a67df0a8b32bdc5f9d224db118b3153f66518737e702314873b673c914b2bb5c
SHA512: a59ff58d5125b8f70433bd54eb4ac3f3cb32a8ec8dfbfbe3480ebdfd644e2299f32a6ff9f41a08b3ee3d00ac02549e5bcd249b5675ef9cf00d40ff0fbe5aae66
SSDEEP: 24576:gs2BSX1MZFkT3qF8cpLmvJpWG3FYSxUlmrXqWKBs64:LGSae8ypB0YjKBe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association

Registers COM server for autorun

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Checks system information in the registry
System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Event Triggered Execution (1)
Change Default File Association (1)