General
-
Target
a191c44a7c99c6091f10c979b1581d8b61a1d2395b8e2347e64d5320069e7c16N
-
Size
308KB
-
Sample
240920-1g2wzszajb
-
MD5
c2790b26bb5f21dda3fc5d5b0db59640
-
SHA1
299abd52888ffd002217563d68b2269d86708558
-
SHA256
a191c44a7c99c6091f10c979b1581d8b61a1d2395b8e2347e64d5320069e7c16
-
SHA512
6c90b5fdec689b629fb209f13b975fd4dda4c3dfef8ce1318f6c127ce3a10f1481a8ceeeebe830c3e7a0d860054418fc102e16714a27da8d2bea2807711ad3df
-
SSDEEP
3072:HXUcqwgeeHDiMc8SmaS+n6LQfrREHAShClmyikCUWDuP7w9Z0P97HpVXLD:Hxg9emfepfFEHF8zw0P97Hz
Malware Config
Targets
-
-
Target
a191c44a7c99c6091f10c979b1581d8b61a1d2395b8e2347e64d5320069e7c16N
-
Size
308KB
-
MD5
c2790b26bb5f21dda3fc5d5b0db59640
-
SHA1
299abd52888ffd002217563d68b2269d86708558
-
SHA256
a191c44a7c99c6091f10c979b1581d8b61a1d2395b8e2347e64d5320069e7c16
-
SHA512
6c90b5fdec689b629fb209f13b975fd4dda4c3dfef8ce1318f6c127ce3a10f1481a8ceeeebe830c3e7a0d860054418fc102e16714a27da8d2bea2807711ad3df
-
SSDEEP
3072:HXUcqwgeeHDiMc8SmaS+n6LQfrREHAShClmyikCUWDuP7w9Z0P97HpVXLD:Hxg9emfepfFEHF8zw0P97Hz
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2