General

  • Target

    explorerpatcher.exe

  • Size

    2.4MB

  • Sample

    240528-qcg1xaff52

  • MD5

    70238c15bc23e1ba24e61d3ec7c75a5d

  • SHA1

    a2db5a689af3ee18ebd746017b7834b041165f3f

  • SHA256

    167f90fad0d3df4e2bfd4a6b07e459a6e414f63fa20e473aedc8c82f3b21eaef

  • SHA512

    596e934b77a5d81072f92b267cc8856fb3ffb27c413b30890f107fdb9eefd88797a99beb724e25ad740dea3c32e6a541069ee64e0985083e30f2abbff93932af

  • SSDEEP

    24576:j9/cFhcQrdOKAeoQmcoIebnXM+bZPwOlJuWU0IuRbP2oiE3yYdI70glWs9+JRIXK:5cFROKxYIebouRbCvN7RlWd6K

Targets

    • Target

      explorerpatcher.exe

    • Modifies Installed Components in the registry

    • Stops running service(s)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
