General
-
Target
8c9afdb548b25113320d43e859ff6bbe.zip
-
Size
87KB
-
Sample
240902-asebyswdmj
-
MD5
33c16dc0f783d68d9ddd447a45fafb05
-
SHA1
5bac5266d6fc9940e5429f469466edad05850141
-
SHA256
01437cab6be9b67f903754257925dac31f9792f15b3f4de42cc0f102a447a3d8
-
SHA512
ee42e5fa243b1392a01ecbfc54ab4f757340d3d764490315176b28bd1909a4a6ecc0360b4b3384edda6324d4250bf8293ebeb3e593b800efd19776041fcf451c
-
SSDEEP
1536:qiZKAQjYBEs46IbfR1UVitve2X+zk89CmkH6WsSQZC+81KY5I6QP0sIYuJ:qivyV3ocvec+zbkaWs1ZC+bY5Q0sIJ
Static task
static1
Behavioral task
behavioral1
Sample
8948fb6e75689cf9670fe846352643c89544252291348a535e427d778cb5897c.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8948fb6e75689cf9670fe846352643c89544252291348a535e427d778cb5897c.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
8948fb6e75689cf9670fe846352643c89544252291348a535e427d778cb5897c
-
Size
232KB
-
MD5
8c9afdb548b25113320d43e859ff6bbe
-
SHA1
e66945bc2b53818d097f3fd8dccf8eaa3478f696
-
SHA256
8948fb6e75689cf9670fe846352643c89544252291348a535e427d778cb5897c
-
SHA512
5fea428a927295afdc642e42632f9d40dc2cc749810eb958991633d2d87b70b352b03f81e05d3e20c3d2575902f88c853df48d0ec17463736cb0573ac6ccfe3c
-
SSDEEP
3072:bCaTo/0Yx20tQ9nLHbB9WPliBs2HWWEakGJm9YF:bCDI4QxL7B9WPli+yWWEazP
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Defense Evasion
Hide Artifacts 1
Hidden Files and Directories 1
Modify Registry 2