General
Target: 636a90e497fe7b5db2973b36e7624db40b24a508a1bd43d1afa4e8b0f92c6de5N
Size: 52KB
Sample: 240920-bze3hasbje
MD5: 494db208fce674fd923d670f784741f0
SHA1: e0bc18408400ae5595284950ae1fb3e8c0169799
SHA256: 636a90e497fe7b5db2973b36e7624db40b24a508a1bd43d1afa4e8b0f92c6de5
SHA512: 89e8dd61cc811c2fdfb69d76b2350622e0397752ca3ebd1668ec0ed300ea96c9163a09bc95499a44cee0e7bb57d56c2721bdb2fed06b5aba4a3df525fcc360f2
SSDEEP: 768:rHHa5YdAlnK9o9Yj5Lx1twDd/v/jdISproC6RHwibw5/FzpEy:rap1K9o9WxHwDR3jRoC6RHOpEy
Static task: static1
Behavioral task: behavioral1
  Sample: 636a90e497fe7b5db2973b36e7624db40b24a508a1bd43d1afa4e8b0f92c6de5N.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 636a90e497fe7b5db2973b36e7624db40b24a508a1bd43d1afa4e8b0f92c6de5N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 636a90e497fe7b5db2973b36e7624db40b24a508a1bd43d1afa4e8b0f92c6de5N
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2