General

  • Target

    dde8d4ae8edc613152f11b263b7a00d74d15cc38a2a3c036466a135ee96f09b5

  • Size

    4.8MB

  • Sample

    240601-etq5cshf4w

  • MD5

    6a9caa0836ae6e251de87e0004b4ca4b

  • SHA1

    59da2c1cb804a80cc0efab2b0e6967c221e44909

  • SHA256

    dde8d4ae8edc613152f11b263b7a00d74d15cc38a2a3c036466a135ee96f09b5

  • SHA512

    6b50262fdf28b77245434923b8180927808bc2f35bc453238ee3ff9b26c8e53b820838795b5453101d00c1c2d20f51196869104a456a0c2ae4dd2462eaa086d3

  • SSDEEP

    98304:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDv:g2mDMmD2mDe2mDMmD2mDc2mDMmD2mDe8

Score
10/10

Targets

    • Target

      dde8d4ae8edc613152f11b263b7a00d74d15cc38a2a3c036466a135ee96f09b5

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
