General

  • Target

    fb714d59bcb67c0910c8f4ee0c5f0e62.exe

  • Size

    48KB

  • Sample

    240927-t1n1xa1fjr

  • MD5

    fb714d59bcb67c0910c8f4ee0c5f0e62

  • SHA1

    f22ffe25d693ccf771b5ae60b373f4c74551b317

  • SHA256

    25ad9ca13dc1ee44d8c3a3d0fba9365d9e9fd65db1411a0f720dd036d11911f3

  • SHA512

    24dac934a89ab30379331251749947af7817ed4c661a5b247a12177d1c3c04593da274eeea9ebfb7c6f7329916f03eb2c6c0a2d18b99358d8d14b6de48a33393

  • SSDEEP

    768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67GhPC:Ub1MsHz3JDwhyWr+N95OTga69

Malware Config

Targets

    • Target

      fb714d59bcb67c0910c8f4ee0c5f0e62.exe

    • Size

      48KB

    • MD5

      fb714d59bcb67c0910c8f4ee0c5f0e62

    • SHA1

      f22ffe25d693ccf771b5ae60b373f4c74551b317

    • SHA256

      25ad9ca13dc1ee44d8c3a3d0fba9365d9e9fd65db1411a0f720dd036d11911f3

    • SHA512

      24dac934a89ab30379331251749947af7817ed4c661a5b247a12177d1c3c04593da274eeea9ebfb7c6f7329916f03eb2c6c0a2d18b99358d8d14b6de48a33393

    • SSDEEP

      768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67GhPC:Ub1MsHz3JDwhyWr+N95OTga69

    • Server Software Component: Terminal Services DLL

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a Windows Service

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks