General
-
Target
594bbf1900961061fbe5306e96083c20N.exe
-
Size
156KB
-
Sample
240819-15bppssekr
-
MD5
594bbf1900961061fbe5306e96083c20
-
SHA1
4198dfc88f3503aee89a19e1528aac080001e988
-
SHA256
70908d84ee81ee1e995ee977f89943831400e6d8279cd211db16201a7bf898b4
-
SHA512
a7af1cb3cbfd13ba0caa9c1e8bfdfdfb9362853b4c5684b25616178c3090a9efbc47dbdab6dc18f0e3f0a7441e3a3c9f8f44b97da5c7613fe679eeb3275df473
-
SSDEEP
3072:iSedqFzxgwMylAUR6UQUcJPPB5RPXsS+t9jiC4oQZiEdTd:i2FzxgZVU49xEtlzWZ
Malware Config
Targets
-
-
Target
594bbf1900961061fbe5306e96083c20N.exe
-
Size
156KB
-
MD5
594bbf1900961061fbe5306e96083c20
-
SHA1
4198dfc88f3503aee89a19e1528aac080001e988
-
SHA256
70908d84ee81ee1e995ee977f89943831400e6d8279cd211db16201a7bf898b4
-
SHA512
a7af1cb3cbfd13ba0caa9c1e8bfdfdfb9362853b4c5684b25616178c3090a9efbc47dbdab6dc18f0e3f0a7441e3a3c9f8f44b97da5c7613fe679eeb3275df473
-
SSDEEP
3072:iSedqFzxgwMylAUR6UQUcJPPB5RPXsS+t9jiC4oQZiEdTd:i2FzxgZVU49xEtlzWZ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2