General
-
Target
0a82f9a9dbda0bf87830bee19851abf6e6c017ac6e56b51d0c0d8dd14888f38dN
-
Size
300KB
-
Sample
240919-g5zlzsvflq
-
MD5
e2e816c40f71a8374fb907eecc398220
-
SHA1
2b7877966ae39165ed47f54a2a4d7b785631f654
-
SHA256
0a82f9a9dbda0bf87830bee19851abf6e6c017ac6e56b51d0c0d8dd14888f38d
-
SHA512
6399c7021b1351761239d13a5c35371afdc853cd31d5a8563775558bf73ec31e0ece85c936eff935c322deeb191689bd3a083c323c4008635506492bee4ad943
-
SSDEEP
3072:LMIg7zifD4gfGWKdbKsQOO1RQobSp0xl6EPpc4VpJzNDdlcjBP:LBozib4gfGWcmsQLbG0xlfPpndiVP
Malware Config
Targets
-
-
Target
0a82f9a9dbda0bf87830bee19851abf6e6c017ac6e56b51d0c0d8dd14888f38dN
-
Size
300KB
-
MD5
e2e816c40f71a8374fb907eecc398220
-
SHA1
2b7877966ae39165ed47f54a2a4d7b785631f654
-
SHA256
0a82f9a9dbda0bf87830bee19851abf6e6c017ac6e56b51d0c0d8dd14888f38d
-
SHA512
6399c7021b1351761239d13a5c35371afdc853cd31d5a8563775558bf73ec31e0ece85c936eff935c322deeb191689bd3a083c323c4008635506492bee4ad943
-
SSDEEP
3072:LMIg7zifD4gfGWKdbKsQOO1RQobSp0xl6EPpc4VpJzNDdlcjBP:LBozib4gfGWcmsQLbG0xlfPpndiVP
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2