General
Target: b9749e2a157f33aeff5033bb98391323c6a19201b54126f608b5cfc3e2c3f6e9N
Size: 84KB
Sample: 240921-dfb8lssald
MD5: 9a194b9f88e6d733e2a76f89877b5730
SHA1: 69b478edb21f9747e478ee5a5765fadff58fcf59
SHA256: b9749e2a157f33aeff5033bb98391323c6a19201b54126f608b5cfc3e2c3f6e9
SHA512: 0c66ec0efeb8c361e12abea61b90844d422ec2b8a9fbff45c01a2725faf617a372766785204a5cd83850ce0867d07d3cef56812a47c19f91bf67d8744c9192b2
SSDEEP: 768:sv6nMfqt+K48h8jlc8ebdtF5EmpW/p/hxRSH9NxIkL9v/Q6sWDdR2iRv:sv8I8ujcZKmpSFhxRSHdL9bsSn2iRv
Static task: static1
Behavioral task: behavioral1
Sample: b9749e2a157f33aeff5033bb98391323c6a19201b54126f608b5cfc3e2c3f6e9N.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b9749e2a157f33aeff5033bb98391323c6a19201b54126f608b5cfc3e2c3f6e9N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2