General
-
Target
e28dc35762a731499545f504bed24500b72cc4865b910af605dfa4d2737e3ca8
-
Size
160KB
-
Sample
240902-fpeq7stbra
-
MD5
7baa57697a82a6cf973bf2fa07b35745
-
SHA1
b13546afda44cb83b2cb53daed15656a88fe818f
-
SHA256
e28dc35762a731499545f504bed24500b72cc4865b910af605dfa4d2737e3ca8
-
SHA512
e6b955fdefcbe0991ec1d6f191d31390436e4d057467aebfd8eb7ecb00fca3c15aaec255211571b4e5a7c195387e111bdf3454974624fdac1b83d03e7fd97fd4
-
SSDEEP
3072:QGzsrBEoe5g+GwJs8K9YUoIrJaRuSZ/JlQPj/PYv2wM0A2vmkHgHAGFAhD4oQZi4:QGwrxP9YErMRuSZ/JlQLHYv2PkzGAMA2
Malware Config
Targets
-
-
Target
e28dc35762a731499545f504bed24500b72cc4865b910af605dfa4d2737e3ca8
-
Size
160KB
-
MD5
7baa57697a82a6cf973bf2fa07b35745
-
SHA1
b13546afda44cb83b2cb53daed15656a88fe818f
-
SHA256
e28dc35762a731499545f504bed24500b72cc4865b910af605dfa4d2737e3ca8
-
SHA512
e6b955fdefcbe0991ec1d6f191d31390436e4d057467aebfd8eb7ecb00fca3c15aaec255211571b4e5a7c195387e111bdf3454974624fdac1b83d03e7fd97fd4
-
SSDEEP
3072:QGzsrBEoe5g+GwJs8K9YUoIrJaRuSZ/JlQPj/PYv2wM0A2vmkHgHAGFAhD4oQZi4:QGwrxP9YErMRuSZ/JlQLHYv2PkzGAMA2
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2