General
-
Target
aa9a7a557efb98714ef4d8a51d0ca0a3ed450cb5c89366a2bef3d551b2e68769N
-
Size
132KB
-
Sample
240927-pn1rqaserk
-
MD5
bb0fc8713ca03363c88fb25348f2dbe0
-
SHA1
86a51ef97181838ca72845e6d7d22c94df572369
-
SHA256
aa9a7a557efb98714ef4d8a51d0ca0a3ed450cb5c89366a2bef3d551b2e68769
-
SHA512
fcea757a05d3db1b35c8e5fb2edd321684acec15f32989cb6eda54178aa0a7b8322744b341d495940ab7042c42c0d370403d1e22e0611d2424c5e2f1ebadd839
-
SSDEEP
1536:57wVFjbLIfUBtizWywMsK8q72QNSqxAASKrSitUrvwEFrsUhKeT4oQ/m:5gVBtiJ772QNPPSKkwE5j4oQe
Malware Config
Targets
-
-
Target
aa9a7a557efb98714ef4d8a51d0ca0a3ed450cb5c89366a2bef3d551b2e68769N
-
Size
132KB
-
MD5
bb0fc8713ca03363c88fb25348f2dbe0
-
SHA1
86a51ef97181838ca72845e6d7d22c94df572369
-
SHA256
aa9a7a557efb98714ef4d8a51d0ca0a3ed450cb5c89366a2bef3d551b2e68769
-
SHA512
fcea757a05d3db1b35c8e5fb2edd321684acec15f32989cb6eda54178aa0a7b8322744b341d495940ab7042c42c0d370403d1e22e0611d2424c5e2f1ebadd839
-
SSDEEP
1536:57wVFjbLIfUBtizWywMsK8q72QNSqxAASKrSitUrvwEFrsUhKeT4oQ/m:5gVBtiJ772QNPPSKkwE5j4oQe
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2