General
-
Target
296deb014deddbad300c2ba8f156ba599e6a57efeffb42f5afc19fe88c5fc811N
-
Size
176KB
-
Sample
240920-ptzfvaxblj
-
MD5
853f191d58206fe05573da9da1271730
-
SHA1
2493b1e0a64162f414e98eb3c03d5662ff40e9b1
-
SHA256
296deb014deddbad300c2ba8f156ba599e6a57efeffb42f5afc19fe88c5fc811
-
SHA512
87acaffc110450b1cad9cba2e8bf10b10afaa4da8c344d4968d80f059aba5a347c821ecc71e17e98afd43b52f95b1a75fc9162fafd196f5e0d13572f635d31c1
-
SSDEEP
3072:OC1IrmV+gj2HsfyKnvmb7/D26zjlBvWlzPpsPfjQ8sqLELTS55pMzcUK1vUyGeBP:BV+1Knvmb7/D26zjlBvWhPpsPfjQ8sqf
Malware Config
Targets
-
-
Target
296deb014deddbad300c2ba8f156ba599e6a57efeffb42f5afc19fe88c5fc811N
-
Size
176KB
-
MD5
853f191d58206fe05573da9da1271730
-
SHA1
2493b1e0a64162f414e98eb3c03d5662ff40e9b1
-
SHA256
296deb014deddbad300c2ba8f156ba599e6a57efeffb42f5afc19fe88c5fc811
-
SHA512
87acaffc110450b1cad9cba2e8bf10b10afaa4da8c344d4968d80f059aba5a347c821ecc71e17e98afd43b52f95b1a75fc9162fafd196f5e0d13572f635d31c1
-
SSDEEP
3072:OC1IrmV+gj2HsfyKnvmb7/D26zjlBvWlzPpsPfjQ8sqLELTS55pMzcUK1vUyGeBP:BV+1Knvmb7/D26zjlBvWhPpsPfjQ8sqf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2