General

  • Target

    049ccaccefa46b63e82ddf68c01089eaf47551ec4ac496428af5c139f132b0ca

  • Size

    6.2MB

  • Sample

    240603-wwchesee2y

  • MD5

    01ac44230a1b57adb454ce85b3d4c10d

  • SHA1

    485d72d28286e00563eb4b0f157575023fc61708

  • SHA256

    049ccaccefa46b63e82ddf68c01089eaf47551ec4ac496428af5c139f132b0ca

  • SHA512

    584b8560379743df8fbb0d21e8762867c6a03a655e69d02476f4659f3f8467b014faf293a2a74b8966f37a8cb702076d9732a70d470f50ac09c65281eedf29ca

  • SSDEEP

    196608:g2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mDe2mDMmD2mDc2mDMmD2mi:/

Score
10/10

Malware Config

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v13; the number in parentheses is the count of matched signatures)

Persistence

  • Boot or Logon Autostart Execution, T1547 (2)
    • Registry Run Keys / Startup Folder, T1547.001 (2)

Privilege Escalation

  • Boot or Logon Autostart Execution, T1547 (2)
    • Registry Run Keys / Startup Folder, T1547.001 (2)

Defense Evasion

  • Hide Artifacts, T1564 (2)
    • Hidden Files and Directories, T1564.001 (2)
  • Modify Registry, T1112 (5)

Discovery

  • Query Registry, T1012 (1)
  • System Information Discovery, T1082 (2)

Tasks