General
-
Target
60e6412fdb3579181ab9b9473e25e53d58008f45476b0536c04b52a940238b7fN
-
Size
320KB
-
Sample
240921-cwtbds1bnd
-
MD5
f178f33904604e817be3d4504a8a8530
-
SHA1
2a55516125be7ee608bd40f91eea1a2524c35366
-
SHA256
60e6412fdb3579181ab9b9473e25e53d58008f45476b0536c04b52a940238b7f
-
SHA512
f09c652ec9346079a3b8e3e92df82028676a987bd849f5d9e1cb560aaef9cb1c769d707879e561f70720151aa878a90de7d2b639d34b75074a2bb1978cec0107
-
SSDEEP
6144:FXkmZOBRtoITkA53pK122OWXHCmHZW50l7F9R6ew+5:hOBRtMcow2OWXH5HZW5qHRX5
Static task
static1
Behavioral task
behavioral1
Sample
60e6412fdb3579181ab9b9473e25e53d58008f45476b0536c04b52a940238b7fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
60e6412fdb3579181ab9b9473e25e53d58008f45476b0536c04b52a940238b7fN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
60e6412fdb3579181ab9b9473e25e53d58008f45476b0536c04b52a940238b7fN
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2