General
-
Target
e107844f9d0a973ce1196b964d4f6ba7c0b94a1685315624c68758396477417fN
-
Size
96KB
-
Sample
240920-16671a1dkb
-
MD5
bab091d31961413cee25751291025de0
-
SHA1
f4ca95d12e6063e6988cca5c9de22f6c557b884d
-
SHA256
e107844f9d0a973ce1196b964d4f6ba7c0b94a1685315624c68758396477417f
-
SHA512
c5a281804318d71d570bc977d060f0144837de6c0967a1cab89ba626f68c2ebae4725d1e851de9f4949e3fe67759e6c4e051a6d718c82bf0c6f22cda726fdb97
-
SSDEEP
1536:oBB0RLgzWwmhLmncdkadGVScGYJXeiyCnO+TI4K4I4i404R4Z1VcvsJOpPpMm4/v:00R4W6cOadGRJuH7ut/Tdvd+hXV/vU3i
Malware Config
Targets
-
-
Target
e107844f9d0a973ce1196b964d4f6ba7c0b94a1685315624c68758396477417fN
-
Size
96KB
-
MD5
bab091d31961413cee25751291025de0
-
SHA1
f4ca95d12e6063e6988cca5c9de22f6c557b884d
-
SHA256
e107844f9d0a973ce1196b964d4f6ba7c0b94a1685315624c68758396477417f
-
SHA512
c5a281804318d71d570bc977d060f0144837de6c0967a1cab89ba626f68c2ebae4725d1e851de9f4949e3fe67759e6c4e051a6d718c82bf0c6f22cda726fdb97
-
SSDEEP
1536:oBB0RLgzWwmhLmncdkadGVScGYJXeiyCnO+TI4K4I4i404R4Z1VcvsJOpPpMm4/v:00R4W6cOadGRJuH7ut/Tdvd+hXV/vU3i
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2