General
-
Target
939ed73bd36d9677191f2fb7987885e838b32b9b8c789e2a22bb5d64ad63e75bN
-
Size
77KB
-
Sample
240919-ebznsazama
-
MD5
10ac20988a4e81d18380114e62d1f050
-
SHA1
00fb2a4683519f0b2183cb62af8e6242ef1b7c8e
-
SHA256
939ed73bd36d9677191f2fb7987885e838b32b9b8c789e2a22bb5d64ad63e75b
-
SHA512
e8e107faab81cc3459c2f877172fa0ed0a3ce5ca821ec911d637b343c7f6aa2bb878cfb3726772b4b8e76021fc11ad04be4c47f0f7fdffd455b73bfd8173d590
-
SSDEEP
1536:0vbbcxMu15Bx8pEttgdO/mXpgWXOJgQmmogDcMH5fCVsJVafuegWXAi+oX9tWV0x:ybbcxx15Bx8pEttgdO/mXpgWXOJgQmmi
Malware Config
Targets
-
-
Target
939ed73bd36d9677191f2fb7987885e838b32b9b8c789e2a22bb5d64ad63e75bN
-
Size
77KB
-
MD5
10ac20988a4e81d18380114e62d1f050
-
SHA1
00fb2a4683519f0b2183cb62af8e6242ef1b7c8e
-
SHA256
939ed73bd36d9677191f2fb7987885e838b32b9b8c789e2a22bb5d64ad63e75b
-
SHA512
e8e107faab81cc3459c2f877172fa0ed0a3ce5ca821ec911d637b343c7f6aa2bb878cfb3726772b4b8e76021fc11ad04be4c47f0f7fdffd455b73bfd8173d590
-
SSDEEP
1536:0vbbcxMu15Bx8pEttgdO/mXpgWXOJgQmmogDcMH5fCVsJVafuegWXAi+oX9tWV0x:ybbcxx15Bx8pEttgdO/mXpgWXOJgQmmi
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2