General
-
Target
063ac42cc6b3f0c86f91ded1b9d31a24e4a77ff464cb0d17fb66a3fce348cb97N
-
Size
88KB
-
Sample
241005-eemtdstfkr
-
MD5
e641d72c7996bdeb2948b36ce4507240
-
SHA1
b5f98d05b49f9da6cec96d5f0eeaec0caa0b9a74
-
SHA256
063ac42cc6b3f0c86f91ded1b9d31a24e4a77ff464cb0d17fb66a3fce348cb97
-
SHA512
a1e31cc75631a20be898cb7a88dee302b400fa68fbcb0674ff0e128717a491a313379cd89a5bc01ca9b15cd7c17040e5bcd1d9f5cab8af945cf3e1911965fa73
-
SSDEEP
768:6lXIZ+RX9AffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyN:6JIYRX9KR5K2KjPmLRBNJqHJNZmN
Static task
static1
Behavioral task
behavioral1
Sample
063ac42cc6b3f0c86f91ded1b9d31a24e4a77ff464cb0d17fb66a3fce348cb97N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
063ac42cc6b3f0c86f91ded1b9d31a24e4a77ff464cb0d17fb66a3fce348cb97N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2