General

  • Target

    d34b78137304fe043fecde0fac1d027fa402de74daa64fbf00e42755c7576fd2

  • Size

    39.4MB

  • Sample

    240525-z85lhsbd57

  • MD5

    73368d8da3f996102adcdce33dc79280

  • SHA1

    b61c09b9f1d740fc60dadb583d55a53b4e3e913a

  • SHA256

    d34b78137304fe043fecde0fac1d027fa402de74daa64fbf00e42755c7576fd2

  • SHA512

    116dbcd3e289bc8516b73ee9f3bf3e4fd39941238d13cf6e6abe31f8a6a8f74298c4ea015f45ec7fa4277963fd5d8cf716a09af53f0a4e13b32b9990eac468ef

  • SSDEEP

    786432:Bkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHo:Bsdqqez9H7wWPRt3f3bXo1wN6

Malware Config

Targets

    • Target

      d34b78137304fe043fecde0fac1d027fa402de74daa64fbf00e42755c7576fd2

    • Size

      39.4MB

    • MD5

      73368d8da3f996102adcdce33dc79280

    • SHA1

      b61c09b9f1d740fc60dadb583d55a53b4e3e913a

    • SHA256

      d34b78137304fe043fecde0fac1d027fa402de74daa64fbf00e42755c7576fd2

    • SHA512

      116dbcd3e289bc8516b73ee9f3bf3e4fd39941238d13cf6e6abe31f8a6a8f74298c4ea015f45ec7fa4277963fd5d8cf716a09af53f0a4e13b32b9990eac468ef

    • SSDEEP

      786432:Bkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHo:Bsdqqez9H7wWPRt3f3bXo1wN6

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks