General
-
Target
bda3de761c64ccf41be150e34e0f0eeeb266eb35da98d5adb68b5281e9f81012N
-
Size
140KB
-
Sample
240920-pktt1awcpb
-
MD5
e3defdbd43e0ba5e94335b6a207da8e0
-
SHA1
7ccacfc8aa8c7a3599cfdcf831309f595eacfb76
-
SHA256
bda3de761c64ccf41be150e34e0f0eeeb266eb35da98d5adb68b5281e9f81012
-
SHA512
ea515c3d897afc7cfcbc115846aebdb0b5a4ab0da54a9b651c0ea76ef450c593f23e1833c4875829f2ce864ce79d780fd5f9286123a436efa48eb7d29024960b
-
SSDEEP
3072:+lf1fGL02W2N0fAU9x5Ea3hN4oQZiEzb6:89GL012efAU9x5BxfWRm
Static task
static1
Behavioral task
behavioral1
Sample
bda3de761c64ccf41be150e34e0f0eeeb266eb35da98d5adb68b5281e9f81012N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bda3de761c64ccf41be150e34e0f0eeeb266eb35da98d5adb68b5281e9f81012N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
bda3de761c64ccf41be150e34e0f0eeeb266eb35da98d5adb68b5281e9f81012N
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2