General
-
Target
bd3be383f988bcb73cc1808c4a270240N.exe
-
Size
364KB
-
Sample
240820-hbsr1sxfne
-
MD5
bd3be383f988bcb73cc1808c4a270240
-
SHA1
53680bee4bc869f4da27899d0caf8277b8c1d40b
-
SHA256
ec6ca61775dc372a1a2059cc06b50acc294b9650c317ef8567473d6178725708
-
SHA512
a822bc294e907b51070752e94a0e86560efc5583201648a5da5389f17e5b99adf024ae0f4176acf01213eb328baf73c97424a628bdf01787027f71e7d95c9486
-
SSDEEP
3072:0mGAiXP9cJuGEnvBGKcHplTOoX56B4uE7U4iy+LwldhzNkYMvMZqvRWK6toRG9DO:29KuPnvBGdxYJxwphkYMvMZ/DO
Static task
static1
Behavioral task
behavioral1
Sample
bd3be383f988bcb73cc1808c4a270240N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bd3be383f988bcb73cc1808c4a270240N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
bd3be383f988bcb73cc1808c4a270240N.exe
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)