General
-
Target
63ad247fa5ab8cbedfae1f70f4d29b4a80f9b8dc6ae19f5a685b5c264fe661ceN
-
Size
3.3MB
-
Sample
240920-21l6bashph
-
MD5
ceef92d4499e291b76822c9a08501970
-
SHA1
ad234fb1df0a24e7bcda9dfbdbc1a3ae6bd1499d
-
SHA256
63ad247fa5ab8cbedfae1f70f4d29b4a80f9b8dc6ae19f5a685b5c264fe661ce
-
SHA512
5289f5451a996f891fda629150d52e000a351ed5eb122ffb791a811d4add18e3f71fd5e8d6dada95c572dca673f95ecbb404b2d9ba28014004a2f1e5aa0c0a69
-
SSDEEP
49152:g7J7A7yD7q7yD7c747q7yD7A7yD7q7yD7H747q7yD7A7yD7q7yD727Q:gdMmD2mDAc2mDMmD2mDrc2mDMmD2mD6c
Static task
static1
Behavioral task
behavioral1
Sample
63ad247fa5ab8cbedfae1f70f4d29b4a80f9b8dc6ae19f5a685b5c264fe661ceN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
63ad247fa5ab8cbedfae1f70f4d29b4a80f9b8dc6ae19f5a685b5c264fe661ceN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
63ad247fa5ab8cbedfae1f70f4d29b4a80f9b8dc6ae19f5a685b5c264fe661ceN
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Defense Evasion
Hide Artifacts (2)
Hidden Files and Directories (2)
Impair Defenses (1)
Safe Mode Boot (1)
Modify Registry (5)