General

  • Target

    c17aca47d9fcf5e4f13ca4c3ac0ac26a088346403210a7d7b2975a855c47530b

  • Size

    168KB

  • Sample

    240526-c3erksce88

  • MD5

    1c821cc8bc868e57b1ea7c04b972825f

  • SHA1

    0b0dfbf5760d071b049de6d0db48af513b40b728

  • SHA256

    c17aca47d9fcf5e4f13ca4c3ac0ac26a088346403210a7d7b2975a855c47530b

  • SHA512

    4e820542a00ce02844e1a0d06f2fe8cbe07037dfa223744e1670e01d8fb199bab2337f8b4ec8b7c374747d033f3b88bb317cae5fa336f5365d1f427a071983ba

  • SSDEEP

    3072:fHpLdrxOFxlLzrQF0T8ZnPZihF3KYGnUujyOjs6UvVXPRB4oQZiEFq:XtOFxxrQJ0r3KYGnljw6AXxW6

Score
10/10

Targets

    • Target

      c17aca47d9fcf5e4f13ca4c3ac0ac26a088346403210a7d7b2975a855c47530b

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
