General
-
Target
771ec42e160852e83703c2abbc195f2dfe0873f020b770651b2bb601e5d146d9N
-
Size
252KB
-
Sample
240920-2sgkvssenc
-
MD5
05d5938e2d877eb79fcc5908f5c7c340
-
SHA1
6634f669dc3ee23702d41efc6a8684422772ae5d
-
SHA256
771ec42e160852e83703c2abbc195f2dfe0873f020b770651b2bb601e5d146d9
-
SHA512
6c1e74d8e61a08a4c697b444b2f8930bbbc8166bea35bfad570c5667b3dfddbae22a71586cf6f26cf34d045f55340a508cee063af0a6c2dbc690e52dde7197b7
-
SSDEEP
6144:R1ml7FNnnPbuxN8b7giqR20NGNccko5Knvmb7/D26i02maSTOarRVTT:RAl7FNnjuxN8cGNccko5Knvmb7/D26iY
Malware Config
Targets
-
-
Target
771ec42e160852e83703c2abbc195f2dfe0873f020b770651b2bb601e5d146d9N
-
Size
252KB
-
MD5
05d5938e2d877eb79fcc5908f5c7c340
-
SHA1
6634f669dc3ee23702d41efc6a8684422772ae5d
-
SHA256
771ec42e160852e83703c2abbc195f2dfe0873f020b770651b2bb601e5d146d9
-
SHA512
6c1e74d8e61a08a4c697b444b2f8930bbbc8166bea35bfad570c5667b3dfddbae22a71586cf6f26cf34d045f55340a508cee063af0a6c2dbc690e52dde7197b7
-
SSDEEP
6144:R1ml7FNnnPbuxN8b7giqR20NGNccko5Knvmb7/D26i02maSTOarRVTT:RAl7FNnjuxN8cGNccko5Knvmb7/D26iY
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2