General
Target: 721bed33451a1978d387aff14a680aa0N.exe
Size: 200KB
Sample: 240904-2xrlmayakk
MD5: 721bed33451a1978d387aff14a680aa0
SHA1: 3ee1a5e3e2e4eb38940da7f3d6e92f014b94205a
SHA256: 8935aeaa6ce0b0c2e2b23d656db28c652a486a312361c16cd9433bbd4422beb6
SHA512: 07d57ee9f41d44a9dc653696fbdcbffd1be2e182e3a9064843304fa558a47ddbd60025cf8414e96d50dd928569ac852eee3fac445c7882c3c5c23a161314e655
SSDEEP: 3072:jUDVZv0tQ9nLHbB9WHCS0AgTlhsp3mWRmQ:Yv4QxL7B9WHK9Jhsp3v1
Static task: static1
Behavioral task: behavioral1
  Sample: 721bed33451a1978d387aff14a680aa0N.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 721bed33451a1978d387aff14a680aa0N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 721bed33451a1978d387aff14a680aa0N.exe
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2