General
-
Target
9d54c64ca5b058405d0a5b9fe8f651b9ed01f66e886e349c6c8be4f6060ef76d
-
Size
88KB
-
Sample
240929-bfhdhswgne
-
MD5
5e7d6695d0f3deec01f6cdf2cabb2b2c
-
SHA1
0df0fd1f30040720c07184ac121a913ea17c9715
-
SHA256
9d54c64ca5b058405d0a5b9fe8f651b9ed01f66e886e349c6c8be4f6060ef76d
-
SHA512
d14a384ac8e12c5c0b13b62bf4fb558bed1897235ba3c601cd11be44f6a632f118d5dee8234f14c20018b32b4103c0a11fd22976efb933bc7b87277386a596fa
-
SSDEEP
768:6lXIab+3uffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyt:6JIVoR5K2KjPmLRBNJqHJNZmt
Malware Config
Targets
-
-
Target
9d54c64ca5b058405d0a5b9fe8f651b9ed01f66e886e349c6c8be4f6060ef76d
-
Size
88KB
-
MD5
5e7d6695d0f3deec01f6cdf2cabb2b2c
-
SHA1
0df0fd1f30040720c07184ac121a913ea17c9715
-
SHA256
9d54c64ca5b058405d0a5b9fe8f651b9ed01f66e886e349c6c8be4f6060ef76d
-
SHA512
d14a384ac8e12c5c0b13b62bf4fb558bed1897235ba3c601cd11be44f6a632f118d5dee8234f14c20018b32b4103c0a11fd22976efb933bc7b87277386a596fa
-
SSDEEP
768:6lXIab+3uffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyt:6JIVoR5K2KjPmLRBNJqHJNZmt
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2