General
-
Target
b123d88bd636ca53779d70bb8a3fd7a26ba059665e73648a40fbfadd2e45a977
-
Size
336KB
-
Sample
241014-c73n7swfme
-
MD5
2ba7266c7d40689060b5ce4e59afbc20
-
SHA1
2f239ef274e04bf33f140f345a05fd5bb5f14518
-
SHA256
b123d88bd636ca53779d70bb8a3fd7a26ba059665e73648a40fbfadd2e45a977
-
SHA512
e6a503e5692bbbce11af65ecabdd059774e145cf7103b03fea7c2c0c24de9963cf7270492a654e147db1eaebfea7669dab0f7d0dc6d9f9ac3251111c62ca3f1f
-
SSDEEP
3072:7pmGpBtQGCltUWrEpmpXzKmk4nDVkj4C2lXRWMvaTv/0qAdf564HQ4oQZiECRW:78GpYGCleWRpDC2dRITv/HAf5NUW5
Malware Config
Targets
-
-
Target
b123d88bd636ca53779d70bb8a3fd7a26ba059665e73648a40fbfadd2e45a977
-
Size
336KB
-
MD5
2ba7266c7d40689060b5ce4e59afbc20
-
SHA1
2f239ef274e04bf33f140f345a05fd5bb5f14518
-
SHA256
b123d88bd636ca53779d70bb8a3fd7a26ba059665e73648a40fbfadd2e45a977
-
SHA512
e6a503e5692bbbce11af65ecabdd059774e145cf7103b03fea7c2c0c24de9963cf7270492a654e147db1eaebfea7669dab0f7d0dc6d9f9ac3251111c62ca3f1f
-
SSDEEP
3072:7pmGpBtQGCltUWrEpmpXzKmk4nDVkj4C2lXRWMvaTv/0qAdf564HQ4oQZiECRW:78GpYGCleWRpDC2dRITv/HAf5NUW5
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2