General
-
Target
e2611b44e3682907765314019299e210N
-
Size
84KB
-
Sample
240914-p8rdsavgpf
-
MD5
e2611b44e3682907765314019299e210
-
SHA1
c3d1203453d482a5ce6d4a98d1becdd95301a28c
-
SHA256
8ec5e0a577901da4a783e77d661ac808af7fe543dec9be3571c0898532306e6c
-
SHA512
5ad645008e7b4e0a682abe6690606abe1920dfccf10c1cc9ef4b0865eef1926199441c379f5b3676d78f59147710f3af86558911281c4cf95d50b1d31c6f2258
-
SSDEEP
768:OHAPAM/41rB0ftoSh/8dk0NqxcGb2n5Hc/D0qg8hFPrL8Q4dn4deoVeAADY4BO0I:OKcMv58d7qlIPKovXV8
Malware Config
Targets
-
-
Target
e2611b44e3682907765314019299e210N
-
Size
84KB
-
MD5
e2611b44e3682907765314019299e210
-
SHA1
c3d1203453d482a5ce6d4a98d1becdd95301a28c
-
SHA256
8ec5e0a577901da4a783e77d661ac808af7fe543dec9be3571c0898532306e6c
-
SHA512
5ad645008e7b4e0a682abe6690606abe1920dfccf10c1cc9ef4b0865eef1926199441c379f5b3676d78f59147710f3af86558911281c4cf95d50b1d31c6f2258
-
SSDEEP
768:OHAPAM/41rB0ftoSh/8dk0NqxcGb2n5Hc/D0qg8hFPrL8Q4dn4deoVeAADY4BO0I:OKcMv58d7qlIPKovXV8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2