General

  • Target

    dd9d7cf9372a5737863d4dc33f132b9a.exe

  • Size

    52KB

  • Sample

    240927-kyxetsxfkd

  • MD5

    dd9d7cf9372a5737863d4dc33f132b9a

  • SHA1

    4380d4afc2786ee77d2644aa1e34c9b77951b5d3

  • SHA256

    bb46d0c8b43a92fda32622b15fd8060dedf1f0666c8e536cdad49ad3e1a79ade

  • SHA512

    e4f2f85f8d9e41bce53868d78fb74cbcfaa8fa9df7e997f442a5858792b11b487cd7684bd3fd079006385774b45ef2e4d70a8793e367104e6b600a473895ae03

  • SSDEEP

    768:7ynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67LhP8D0xj:sb1MsHz3JDwhyWr+N95OTga6SDej

Targets

    • Server Software Component: Terminal Services DLL

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a Windows Service

    • Drops file in System32 directory
