General
-
Target
1d29d3e69459730d9dd5fb1a0c10b50d62caa79ed91556d60caf6422a20ea048
-
Size
204KB
-
Sample
240810-x5hapsybrh
-
MD5
cb259184002cd5e34a39a33e5cf8ba99
-
SHA1
64d7d5618c3ab782f495194bbb1ec2a4b390b10e
-
SHA256
1d29d3e69459730d9dd5fb1a0c10b50d62caa79ed91556d60caf6422a20ea048
-
SHA512
c9ccfdaf1ce3c97677b98e4e2ca402daa97ec6b175c8508295d45fe2a4645eac3e6c6951603fd2384a395e6747bbbc49000cecb113b7ac27105494df9dffe231
-
SSDEEP
3072:4mEW8AH0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWVEj:D5B4QxL7B9W0c1RCzR/fSmluA
Static task
static1
Behavioral task
behavioral1
Sample
1d29d3e69459730d9dd5fb1a0c10b50d62caa79ed91556d60caf6422a20ea048.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
1d29d3e69459730d9dd5fb1a0c10b50d62caa79ed91556d60caf6422a20ea048.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
1d29d3e69459730d9dd5fb1a0c10b50d62caa79ed91556d60caf6422a20ea048
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)