General

  • Target

    0a272a904e633acda2fca68cf8bfb560N.exe

  • Size

    48KB

  • Sample

    240813-vcpszazdlq

  • MD5

    0a272a904e633acda2fca68cf8bfb560

  • SHA1

    5c56c4a094d7e987aba2ecade91ed5243e041a1a

  • SHA256

    72648ffcdb332e522ec000bb891a4068bc654724d452168de3091738819efe80

  • SHA512

    3f05a5946c856616c96246204ba7d7b97f52d65844f7414f6238f91532bbaf50d5c45ffa305b1d8516a3de37d4311c7f79b35c73092fb24c065062db5a5c80d0

  • SSDEEP

    768:sRj3df8Zx55DVWl8zHPHXyXHCzcHHvzQBdi9vc:sR2xnVWl4vUv4Wvc

Targets

    • Target

      0a272a904e633acda2fca68cf8bfb560N.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
