General

  • Target

    dc3c111c0a69831725412a7860ce36623ce4a90e689e3aa7f3bceef3e5bbbfb5

  • Size

    5KB

  • Sample

    240526-eblf6adf91

  • MD5

    3158d65edcf41c1b1496681b3cb81ef1

  • SHA1

    e077ccb9c74553c1efdbc7428ae81ba5be168878

  • SHA256

    dc3c111c0a69831725412a7860ce36623ce4a90e689e3aa7f3bceef3e5bbbfb5

  • SHA512

    455d49314f369325862ce2706b5057fa534687b4d3ee17e5432211af181993c3b3f87278ccd77ad84124d25fb80a98ca380d8a8de8cc34c97b4490c1a16c26e1

  • SSDEEP

    48:qaD/L9AmnRt/G9aDBX7KZlejjuut71rsHB/VnC/RAxUl2CS70ALNx:NCCX3BLsmaut7uHnnwR2Ul2ClAhx

Score
8/10

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
