General
-
Target
1494c8a11c22467baa616e3e68bb9fa7460c406a77212a33d24c2dcd25bde593N
-
Size
252KB
-
Sample
240920-gt5c4asblb
-
MD5
f42999444284e22cc063cada48ceedf0
-
SHA1
0f6fe1af0a44cd99f0adaa4b84cd25140d5fb72a
-
SHA256
1494c8a11c22467baa616e3e68bb9fa7460c406a77212a33d24c2dcd25bde593
-
SHA512
8a7d250c3b54ee1b3ee17ae5a4ee7d072acbbd48acc319ac3b0414233c55f80e5cdbe16228e49e746f278911f7cf3f11f8f91285edebde5e34f97cc427797008
-
SSDEEP
6144:wTB/FiVGBngFg4S628gA/igGuncMkcH/AeKnvmb7/D26ppSgCbvfXG:cBtigBnga4S628dFncMkcHIeKnvmb7/V
Static task
static1
Behavioral task
behavioral1
Sample
1494c8a11c22467baa616e3e68bb9fa7460c406a77212a33d24c2dcd25bde593N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1494c8a11c22467baa616e3e68bb9fa7460c406a77212a33d24c2dcd25bde593N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1494c8a11c22467baa616e3e68bb9fa7460c406a77212a33d24c2dcd25bde593N
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)