General
-
Target
d04bbb64aa6ebec0f04542b1844fd4b0N.exe
-
Size
156KB
-
Sample
240914-kyfr3swgkd
-
MD5
d04bbb64aa6ebec0f04542b1844fd4b0
-
SHA1
043c0172875069d3594c5f8504a28c855051f158
-
SHA256
3316bec72997d8b2d923f9b8e53cae640116ca90e86db98d8c53f345796840ab
-
SHA512
fc84eb2440fbc24c922aa4deac6683324a3c3f29ed89ec09b5c9cf820b51cd368cd9497dc755cfdd0871cd29f99990a41f8df1fb6f333c0865074fe6a4f55457
-
SSDEEP
3072:pHpLdUxOFxlLzrQF0T8ZnPZihF3KYGnUujyOjs6UvVXIR6CE5j4oQ:ZyOFxxrQJ0r3KYGnljw6AXfd
Malware Config
Targets
-
-
Target
d04bbb64aa6ebec0f04542b1844fd4b0N.exe
-
Size
156KB
-
MD5
d04bbb64aa6ebec0f04542b1844fd4b0
-
SHA1
043c0172875069d3594c5f8504a28c855051f158
-
SHA256
3316bec72997d8b2d923f9b8e53cae640116ca90e86db98d8c53f345796840ab
-
SHA512
fc84eb2440fbc24c922aa4deac6683324a3c3f29ed89ec09b5c9cf820b51cd368cd9497dc755cfdd0871cd29f99990a41f8df1fb6f333c0865074fe6a4f55457
-
SSDEEP
3072:pHpLdUxOFxlLzrQF0T8ZnPZihF3KYGnUujyOjs6UvVXIR6CE5j4oQ:ZyOFxxrQJ0r3KYGnljw6AXfd
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2