General
-
Target
482477317cdeef87ca3613a61c2008721e58312dc0bf8be4a4b6fb2650ec9f98N
-
Size
111KB
-
Sample
240920-xtbnsasgrm
-
MD5
5c3efbf72f43f9ac8d1251acbd05ad50
-
SHA1
6e81d4cc2c160ccea357cf6302e95c2592224a8b
-
SHA256
482477317cdeef87ca3613a61c2008721e58312dc0bf8be4a4b6fb2650ec9f98
-
SHA512
daac2cceeb370ade0768900bd9a5bb0e20768d520e3f6abebf1564738d4203579772f66a005857aec676afc6c01309b3971e5841e81a827123917c6a8dc898d8
-
SSDEEP
768:sduwfCcAl2IRlNFQK33bP34DGltCJWx+7AppL4zG4dslM8lP+wgG0SXdkUr9AeXd:sdFwjl8K33DlN+aLHM8WSXjyo
Malware Config
Targets
-
-
Target
482477317cdeef87ca3613a61c2008721e58312dc0bf8be4a4b6fb2650ec9f98N
-
Size
111KB
-
MD5
5c3efbf72f43f9ac8d1251acbd05ad50
-
SHA1
6e81d4cc2c160ccea357cf6302e95c2592224a8b
-
SHA256
482477317cdeef87ca3613a61c2008721e58312dc0bf8be4a4b6fb2650ec9f98
-
SHA512
daac2cceeb370ade0768900bd9a5bb0e20768d520e3f6abebf1564738d4203579772f66a005857aec676afc6c01309b3971e5841e81a827123917c6a8dc898d8
-
SSDEEP
768:sduwfCcAl2IRlNFQK33bP34DGltCJWx+7AppL4zG4dslM8lP+wgG0SXdkUr9AeXd:sdFwjl8K33DlN+aLHM8WSXjyo
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2