General
Target
2a0e907691e70341a335bcffe41c3fbbd84f5a981502044aacc52c87cb38319bN.exe
Size
152KB
Sample
240925-l5aebazanp
MD5
ede6a2d0ab0e894d817ec4b361fb6ba0
SHA1
063f8e4e10ef5e7100b1876723168158f3131810
SHA256
2a0e907691e70341a335bcffe41c3fbbd84f5a981502044aacc52c87cb38319b
SHA512
6c21dca51516497c7630d45ef45175405ce558a42ef69644ebfbd08be09617cd84f9e0c7afb1a32c01363fbddad5a6a074b7f4504db8936ac90c5c3b32716f5c
SSDEEP
3072:phUFgjTQtKrueiygR4O6avJamofBcE5j4oQ:egvQtKSMgR56avUmsd
Static task
static1
Behavioral task
behavioral1
Sample
2a0e907691e70341a335bcffe41c3fbbd84f5a981502044aacc52c87cb38319bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2a0e907691e70341a335bcffe41c3fbbd84f5a981502044aacc52c87cb38319bN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Defense Evasion
Hide Artifacts 1
Hidden Files and Directories 1
Modify Registry 2