General

  • Target

    2d39a6eeb83e7415900803b903ba2fa0N

  • Size

    168KB

  • Sample

    240915-nca69a1bnf

  • MD5

    2d39a6eeb83e7415900803b903ba2fa0

  • SHA1

    a50b697ec23b8591d6c7a8524f32dce553ccd146

  • SHA256

    59040f8ff05b3023cbd02aab67e1292922d9ebdf7ae90c16bb255f0a230dbdc5

  • SHA512

    3ce4555ece215a6f602ca4985b665c5b167e2e2ea2030b56771a91ff363647535d74e383a2738d788e4404b3a2a5212fe24b043c8b9c266bcd7e957fb6c6b001

  • SSDEEP

    1536:i2WDcOpULCH0a+TNXyyXetH28JZveKivnia:zWDuLzZXyyXeECveDnH

Targets

    • Target

      2d39a6eeb83e7415900803b903ba2fa0N

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
