General

  • Target

    057e8e525e0103040c50443808653800N.exe

  • Size

    79KB

  • Sample

    240801-1b834swhmq

  • MD5

    057e8e525e0103040c50443808653800

  • SHA1

    7a3bf03dbe7f09bcf417959f78b5c05f1abf8b56

  • SHA256

    909aac331e27feee68dd9943af466e7883311fb4ecd37fc929a3b61b6553afcd

  • SHA512

    11558ae13eff229491933d642f3de57fe6dc5dce4da09d7facee85e5e140d46102f57563d680c04178f8ac1070c8b8557a8d054f3efbb0aeeaa2e950df1d8654

  • SSDEEP

    1536:RLFbQafrACEVLUQ/HItWt68/gQGSdsGizbR9XwzA:Jf8CE/HIM68/gtSsBPvwE

Targets

    • Target

      057e8e525e0103040c50443808653800N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
