General
Target
cb83762b5ac0fb6f195b56a23440cb42c1b620ce4ceab896fbb29f62b30ccd90N
Size
144KB
Sample
240920-vdmd8swhnh
MD5
8941f4ef127c7b86717eaf56cdd55f70
SHA1
c51169c1a0858cdefc9e97404a9b0b1616246042
SHA256
cb83762b5ac0fb6f195b56a23440cb42c1b620ce4ceab896fbb29f62b30ccd90
SHA512
0b82c2aea9827ec2834b08d07f1eb4cc4a40da25a2846488d1efd327a514a7ebde0cf9b964083d2f8ac454cecaa515cd85e3c87da26cc3b0158d7ffbd038aa07
SSDEEP
3072:QHKFV/4vhINgVs+Y9YXeKjxF1yO13TWDnttr:QqFVMq2gYuKjxF15sz
Static task
static1
Behavioral task
behavioral1
Sample
cb83762b5ac0fb6f195b56a23440cb42c1b620ce4ceab896fbb29f62b30ccd90N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cb83762b5ac0fb6f195b56a23440cb42c1b620ce4ceab896fbb29f62b30ccd90N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
cb83762b5ac0fb6f195b56a23440cb42c1b620ce4ceab896fbb29f62b30ccd90N
Score
10/10
- Modifies visibility of hidden/system files in Explorer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2