General
-
Target
db08c6db0f4b2ee5ee34e4df8c03001e282c3854afb57ebb09297e27f283717fN
-
Size
132KB
-
Sample
240920-l56gra1enk
-
MD5
04d4592cf6a7c7dde25b2da92b7beca0
-
SHA1
1d8c4d7d3d3f6ad3ae59e87dc401a5e9240250ad
-
SHA256
db08c6db0f4b2ee5ee34e4df8c03001e282c3854afb57ebb09297e27f283717f
-
SHA512
a71154a2a2c08537fd8bea61332ded27cad265d08d4315aedd937608aba5535a21d01a3dcb5cc77e7a497895836ea01e8359b30944f6c1e0c2f6be8ddc72388d
-
SSDEEP
3072:VeDxqy7TBJVSgpS5uIyio/Conuh1CNvDfVe:VWqoTB2grko/C2gcZe
Malware Config
Targets
-
-
Target
db08c6db0f4b2ee5ee34e4df8c03001e282c3854afb57ebb09297e27f283717fN
-
Size
132KB
-
MD5
04d4592cf6a7c7dde25b2da92b7beca0
-
SHA1
1d8c4d7d3d3f6ad3ae59e87dc401a5e9240250ad
-
SHA256
db08c6db0f4b2ee5ee34e4df8c03001e282c3854afb57ebb09297e27f283717f
-
SHA512
a71154a2a2c08537fd8bea61332ded27cad265d08d4315aedd937608aba5535a21d01a3dcb5cc77e7a497895836ea01e8359b30944f6c1e0c2f6be8ddc72388d
-
SSDEEP
3072:VeDxqy7TBJVSgpS5uIyio/Conuh1CNvDfVe:VWqoTB2grko/C2gcZe
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2