General
-
Target
dce279dcd45f511a3b2a3917c6990306cf0b19e36e72f29a932a605bfc0a6d54N
-
Size
88KB
-
Sample
240919-ffygys1hjd
-
MD5
5b0c66fb06a1a79ca2196f43f8a74bb0
-
SHA1
1287b85e4a9ad2b982097919f3d8a33c2aba1866
-
SHA256
dce279dcd45f511a3b2a3917c6990306cf0b19e36e72f29a932a605bfc0a6d54
-
SHA512
c32eb9437e8de90e52d11c0ed4dd64f04ea8238a0680fc641bd83f290f6139405be3ec7ee9980913bbfc0acbacbebd2aeff4fc42f5528a16ee0a3c91e5fae677
-
SSDEEP
768:vAT68qOJ+TtRqIwHpFeh6gM1rA8dOsc7jUq4RkA5o3K1DfsvtzsXjLft+9o1mm:vATHqlZ0LFjnAzA5o6BfItoXjLl0hm
Malware Config
Targets
-
-
Target
dce279dcd45f511a3b2a3917c6990306cf0b19e36e72f29a932a605bfc0a6d54N
-
Size
88KB
-
MD5
5b0c66fb06a1a79ca2196f43f8a74bb0
-
SHA1
1287b85e4a9ad2b982097919f3d8a33c2aba1866
-
SHA256
dce279dcd45f511a3b2a3917c6990306cf0b19e36e72f29a932a605bfc0a6d54
-
SHA512
c32eb9437e8de90e52d11c0ed4dd64f04ea8238a0680fc641bd83f290f6139405be3ec7ee9980913bbfc0acbacbebd2aeff4fc42f5528a16ee0a3c91e5fae677
-
SSDEEP
768:vAT68qOJ+TtRqIwHpFeh6gM1rA8dOsc7jUq4RkA5o3K1DfsvtzsXjLft+9o1mm:vATHqlZ0LFjnAzA5o6BfItoXjLl0hm
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2