General
-
Target
6492979a23d512633fc8a577a0f10bd4a4d1aa185800b55b3a302edcdf5153caN
-
Size
304KB
-
Sample
240920-bry6easbmq
-
MD5
85e32a5a78ec18d2d05914d6d9d5d980
-
SHA1
2abbd252468480a8b1f916041aed03d260cdfabc
-
SHA256
6492979a23d512633fc8a577a0f10bd4a4d1aa185800b55b3a302edcdf5153ca
-
SHA512
be1478be3dd91367e05dfadd10e51e5e1f7ab9b68e00fd308a9cee5080106a0846613a6493c39ba69d2e290a091b12e04e8ada5731b7de789966923178cfe257
-
SSDEEP
3072:RPPGOaEaAaTG0kZSmA2Gsxqc+X3GMop2aEaLFra+7pvPSvBRq:e4AxkYGylaRSW
Malware Config
Targets
-
-
Target
6492979a23d512633fc8a577a0f10bd4a4d1aa185800b55b3a302edcdf5153caN
-
Size
304KB
-
MD5
85e32a5a78ec18d2d05914d6d9d5d980
-
SHA1
2abbd252468480a8b1f916041aed03d260cdfabc
-
SHA256
6492979a23d512633fc8a577a0f10bd4a4d1aa185800b55b3a302edcdf5153ca
-
SHA512
be1478be3dd91367e05dfadd10e51e5e1f7ab9b68e00fd308a9cee5080106a0846613a6493c39ba69d2e290a091b12e04e8ada5731b7de789966923178cfe257
-
SSDEEP
3072:RPPGOaEaAaTG0kZSmA2Gsxqc+X3GMop2aEaLFra+7pvPSvBRq:e4AxkYGylaRSW
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2