General
-
Target
3017e0c26d5cc8a5e7970c1a16d7b3fc84f4d2323bf2a785ca180cc26a18eef6N
-
Size
156KB
-
Sample
240920-sn66aashmh
-
MD5
e7cc43d17fc804f12b0d65ccb6ffeb30
-
SHA1
8925c7f98e038d43d7790928a9fd2f64ab9065ef
-
SHA256
3017e0c26d5cc8a5e7970c1a16d7b3fc84f4d2323bf2a785ca180cc26a18eef6
-
SHA512
e9eb221f94ab5e6c2ce7a1af7129e6cca4d7833216f935e0c849e9f7eb4a0ce4cfa3b002271a9d75a10dc32958bc50622ab7067634a8fdc9f5ef88ac0a0c9c21
-
SSDEEP
3072:QUfcz72L2wmM39vJhjmRMKGOMztubDqrmhX1yjdL34oQZiE0fEeA:1kz22wmMtRfXZm1gp9WufHA
Static task
static1
Behavioral task
behavioral1
Sample
3017e0c26d5cc8a5e7970c1a16d7b3fc84f4d2323bf2a785ca180cc26a18eef6N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3017e0c26d5cc8a5e7970c1a16d7b3fc84f4d2323bf2a785ca180cc26a18eef6N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
3017e0c26d5cc8a5e7970c1a16d7b3fc84f4d2323bf2a785ca180cc26a18eef6N
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)