General

  • Target

    fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae

  • Size

    139.7MB

  • Sample

    240801-blv7katcrq

  • MD5

    ddd859f194236cdd7f77dc2e65817f16

  • SHA1

    597cb86abd4dcd4efc0b9c9ea074f3c8dda61c3f

  • SHA256

    fdbdbc5fbea8a4ee9909b5fa2833df3e63a9f3786f49a2153ccdf23304d953ae

  • SHA512

    c46bc980c88fc3c707409b1be097fb533d66a3ac1474a06d40676dbb21ee9c9730aa24fdb8e50fc895fe901ad3acb138d3a5335ac60c13174c785e2dab67ac80

  • SSDEEP

    786432:qxeyemYExLVqyOqZDd+ybW1h4uyrzMVX9yvjBIA1toV+c7BmVvJpXrK7IBK53xp:qAmYeLQPqfWLYUNw91toV+caJ6H

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks