General
-
Target
15e9a323a3ea2e9587d65d0561c225c623094386e10a5d03ffffb0040d1c1132N
-
Size
228KB
-
Sample
240920-g1cawssgnm
-
MD5
063c999afe9c7cba02bc25fae5dc3930
-
SHA1
881bb3538c65c71629eb6e70e072b559e3f7392f
-
SHA256
15e9a323a3ea2e9587d65d0561c225c623094386e10a5d03ffffb0040d1c1132
-
SHA512
f254420814218cef8203eace031eb712964170ead611436e522d45ecd76de0921b6f3681a0cf5ae666d02ee3d40d27b4fc766aa455f932c4865c94d864180370
-
SSDEEP
3072:KmkiLAZOTPI/YXYqqdXMoNrozX+h2RAGCD6f0evQP:Km23/qqdrrhAeyzvQ
Malware Config
Targets
-
-
Target
15e9a323a3ea2e9587d65d0561c225c623094386e10a5d03ffffb0040d1c1132N
-
Size
228KB
-
MD5
063c999afe9c7cba02bc25fae5dc3930
-
SHA1
881bb3538c65c71629eb6e70e072b559e3f7392f
-
SHA256
15e9a323a3ea2e9587d65d0561c225c623094386e10a5d03ffffb0040d1c1132
-
SHA512
f254420814218cef8203eace031eb712964170ead611436e522d45ecd76de0921b6f3681a0cf5ae666d02ee3d40d27b4fc766aa455f932c4865c94d864180370
-
SSDEEP
3072:KmkiLAZOTPI/YXYqqdXMoNrozX+h2RAGCD6f0evQP:Km23/qqdrrhAeyzvQ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2