General
-
Target
a4611239108c5869fea29ade23ddaf30N.exe
-
Size
52KB
-
Sample
240905-pxn5aa1cpp
-
MD5
a4611239108c5869fea29ade23ddaf30
-
SHA1
ad52c43dd5ad89c50451692bcdc0dd83ec3ebc7e
-
SHA256
720c28bed54ea1ebee58753f68b9c62426f05dd049db25fac664c5d8bc584448
-
SHA512
cc0c44297c6ec013cea5c132bf8eea5eabbe31a62f7a292167a167ed537fa0fc8965b8178d303dda5dd86019231ab2e971dc2e84baa0b9114f283dc2458bdf69
-
SSDEEP
768:kUHa5oCcdcuT2lhZuvKl1twDd/v/jdISproC6RHwibw5/FzpdH:kRSek2lhZuilHwDR3jRoC6RHOpdH
Malware Config
Targets
-
-
Target
a4611239108c5869fea29ade23ddaf30N.exe
-
Size
52KB
-
MD5
a4611239108c5869fea29ade23ddaf30
-
SHA1
ad52c43dd5ad89c50451692bcdc0dd83ec3ebc7e
-
SHA256
720c28bed54ea1ebee58753f68b9c62426f05dd049db25fac664c5d8bc584448
-
SHA512
cc0c44297c6ec013cea5c132bf8eea5eabbe31a62f7a292167a167ed537fa0fc8965b8178d303dda5dd86019231ab2e971dc2e84baa0b9114f283dc2458bdf69
-
SSDEEP
768:kUHa5oCcdcuT2lhZuvKl1twDd/v/jdISproC6RHwibw5/FzpdH:kRSek2lhZuilHwDR3jRoC6RHOpdH
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2