General
-
Target
c173c0d0d2df1487f0210b61accda86443bbff353c990aa3e2eaba4061ee2620N
-
Size
88KB
-
Sample
240920-d5jnzswfja
-
MD5
6f94d56ebacfa3f62e1394edf6dc29b0
-
SHA1
8d4ff41abfc8d608788611c7d23e57f921e1adfc
-
SHA256
c173c0d0d2df1487f0210b61accda86443bbff353c990aa3e2eaba4061ee2620
-
SHA512
0791a0e7f27cf98606a040c33b43ee3ab859d2818462fcb24b31b1d622e94c732bf4b9bfce59074a1ee65aa00ec463f573746e1f8bebf69f0826918eeef5eaca
-
SSDEEP
768:6lXI8+9JmWgVffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZby9:6JIFPmWgdR5K2KjPmLRBNJqHJNZm9
Static task
static1
Behavioral task
behavioral1
Sample
c173c0d0d2df1487f0210b61accda86443bbff353c990aa3e2eaba4061ee2620N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c173c0d0d2df1487f0210b61accda86443bbff353c990aa3e2eaba4061ee2620N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c173c0d0d2df1487f0210b61accda86443bbff353c990aa3e2eaba4061ee2620N
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2