General
-
Target
f5dc03647d3e8700d3755bd846befa0d26eb4ca78d66e4147a81826a44e7c8f1
-
Size
88KB
-
Sample
241013-fx196s1bld
-
MD5
98eded03732a704f2e071bc6888222b4
-
SHA1
30e83d37bb3d2ba155f9e4051485935247c12fc0
-
SHA256
f5dc03647d3e8700d3755bd846befa0d26eb4ca78d66e4147a81826a44e7c8f1
-
SHA512
d41d841879260c0489ec1806e3d98e66dcd83837534b5e35cddecf0dadd8e154462208264301c1b02737f23de23ecec15d709f90bc13cc82decf7cbbc0423e34
-
SSDEEP
768:6lXI+1+5h7ffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyd:6JI+0vR5K2KjPmLRBNJqHJNZmd
Malware Config
Targets
-
-
Target
f5dc03647d3e8700d3755bd846befa0d26eb4ca78d66e4147a81826a44e7c8f1
-
Size
88KB
-
MD5
98eded03732a704f2e071bc6888222b4
-
SHA1
30e83d37bb3d2ba155f9e4051485935247c12fc0
-
SHA256
f5dc03647d3e8700d3755bd846befa0d26eb4ca78d66e4147a81826a44e7c8f1
-
SHA512
d41d841879260c0489ec1806e3d98e66dcd83837534b5e35cddecf0dadd8e154462208264301c1b02737f23de23ecec15d709f90bc13cc82decf7cbbc0423e34
-
SSDEEP
768:6lXI+1+5h7ffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyd:6JI+0vR5K2KjPmLRBNJqHJNZmd
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2