General
-
Target
5ddd1c512708614222713e090b65417e588289519c991de4f159a74f901c8cc4
-
Size
1.2MB
-
Sample
241011-14ckls1fkr
-
MD5
420f785e369c8ed6d62ba20d477fabe5
-
SHA1
4293b964712e8e904e81bdc52f6b6b837689d773
-
SHA256
5ddd1c512708614222713e090b65417e588289519c991de4f159a74f901c8cc4
-
SHA512
19a0dde318e564c2361bead529d34779dcffcddbc23c97dae9fb5154a1a5ffe585bc2420b48e72570c5df58aab92fa37834036970f0ecc94962c58774ce07702
-
SSDEEP
6144:gDCwfazhDCwfazrDCwfqDCwfyDDCwfADCwfyDDCwfqDCwfyDDC1:g7azh7azr7q7yD7A7yD7q7yD0
Malware Config
Targets
-
-
Target
5ddd1c512708614222713e090b65417e588289519c991de4f159a74f901c8cc4
-
Size
1.2MB
-
MD5
420f785e369c8ed6d62ba20d477fabe5
-
SHA1
4293b964712e8e904e81bdc52f6b6b837689d773
-
SHA256
5ddd1c512708614222713e090b65417e588289519c991de4f159a74f901c8cc4
-
SHA512
19a0dde318e564c2361bead529d34779dcffcddbc23c97dae9fb5154a1a5ffe585bc2420b48e72570c5df58aab92fa37834036970f0ecc94962c58774ce07702
-
SSDEEP
6144:gDCwfazhDCwfazrDCwfqDCwfyDDCwfADCwfyDDCwfqDCwfyDDC1:g7azh7azr7q7yD7A7yD7q7yD0
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Safe Mode Boot
1Modify Registry
5