General
-
Target
06159fdb5e8eff4c22300416561bee6f11cfb3d2490847c9134823b0eda55bd3N
-
Size
152KB
-
Sample
240920-tb9lbavblb
-
MD5
e5cd74d1c60efbf9ed7f585025f44b10
-
SHA1
23b8f6fa0377ee825e056642ef6fab85cf86ff57
-
SHA256
06159fdb5e8eff4c22300416561bee6f11cfb3d2490847c9134823b0eda55bd3
-
SHA512
5605192e142f484f11eb808d17963cd5ff9fc77c94606bb6d48a90ce2e2550011f916c33e1d408cb4e2cae8fc1a103cf33fcf3a8b078886707538c8043d39dcc
-
SSDEEP
3072:V5EGVHCzwrCaHHvhtbz0wXtV2eZDEUXni7fo7KSif8xWM33r3k1jTCZU4oQZiE7l:sGFCzwrCW/0AHa8nuo7KSif8xWM33r3b
Malware Config
Targets
-
-
Target
06159fdb5e8eff4c22300416561bee6f11cfb3d2490847c9134823b0eda55bd3N
-
Size
152KB
-
MD5
e5cd74d1c60efbf9ed7f585025f44b10
-
SHA1
23b8f6fa0377ee825e056642ef6fab85cf86ff57
-
SHA256
06159fdb5e8eff4c22300416561bee6f11cfb3d2490847c9134823b0eda55bd3
-
SHA512
5605192e142f484f11eb808d17963cd5ff9fc77c94606bb6d48a90ce2e2550011f916c33e1d408cb4e2cae8fc1a103cf33fcf3a8b078886707538c8043d39dcc
-
SSDEEP
3072:V5EGVHCzwrCaHHvhtbz0wXtV2eZDEUXni7fo7KSif8xWM33r3k1jTCZU4oQZiE7l:sGFCzwrCW/0AHa8nuo7KSif8xWM33r3b
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2