General
-
Target
91c25d61f4c94021cd66b1d9dd83e3d2ddbdd75a1a31f327f43553c1a5108416N
-
Size
176KB
-
Sample
240920-1dl2csyglh
-
MD5
d712c78adf5a4f2401342819af7e9c00
-
SHA1
235196e495544296d7597af0954b4c9f0afa988d
-
SHA256
91c25d61f4c94021cd66b1d9dd83e3d2ddbdd75a1a31f327f43553c1a5108416
-
SHA512
226442bf9f89e66f1380f5ff2d784fff6b2cf39ba55f521e627f387f54ae71f48c87d135363078d29ecacf94debdea4c4bfc182078efe9a9af15d7a81abd0f92
-
SSDEEP
3072:2C198Wlh4GWtPuCaAYmG5bcFuKnvmb7/D26inavm4QLzHpXP6D8R8FOjcKvDHmBw:Vb8WAGWtPuCaVmG5bnKnvmb7/D26caej
Malware Config
Targets
-
-
Target
91c25d61f4c94021cd66b1d9dd83e3d2ddbdd75a1a31f327f43553c1a5108416N
-
Size
176KB
-
MD5
d712c78adf5a4f2401342819af7e9c00
-
SHA1
235196e495544296d7597af0954b4c9f0afa988d
-
SHA256
91c25d61f4c94021cd66b1d9dd83e3d2ddbdd75a1a31f327f43553c1a5108416
-
SHA512
226442bf9f89e66f1380f5ff2d784fff6b2cf39ba55f521e627f387f54ae71f48c87d135363078d29ecacf94debdea4c4bfc182078efe9a9af15d7a81abd0f92
-
SSDEEP
3072:2C198Wlh4GWtPuCaAYmG5bcFuKnvmb7/D26inavm4QLzHpXP6D8R8FOjcKvDHmBw:Vb8WAGWtPuCaVmG5bnKnvmb7/D26caej
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2