General
-
Target
faee9cbca77874b1b683c65fa7be49a45b7666b023cc5b0be857aef49d078f53
-
Size
4.9MB
-
Sample
241014-gsjd8s1bjd
-
MD5
2462ad9cc66377e6af57da53c5f9f637
-
SHA1
c9556b41b31b410ea934f7fa1b0385971cb7791e
-
SHA256
faee9cbca77874b1b683c65fa7be49a45b7666b023cc5b0be857aef49d078f53
-
SHA512
8f1f3185aad6608748062192ca3b2aa292b38525ec2729d136c249f2f268150852ec87bd2413331ef628fb3fe0f4c9e3e1c96d88cea2a3ce9d66eb5e128a6cd5
-
SSDEEP
98304:gMmD2mDAc2mDMmD2mDrc2mDMmD2mD65MmD2mD6c2mDMmD2mDk:gMmD2mDAc2mDMmD2mDrc2mDMmD2mD65C
Malware Config
Targets
-
-
Target
faee9cbca77874b1b683c65fa7be49a45b7666b023cc5b0be857aef49d078f53
-
Size
4.9MB
-
MD5
2462ad9cc66377e6af57da53c5f9f637
-
SHA1
c9556b41b31b410ea934f7fa1b0385971cb7791e
-
SHA256
faee9cbca77874b1b683c65fa7be49a45b7666b023cc5b0be857aef49d078f53
-
SHA512
8f1f3185aad6608748062192ca3b2aa292b38525ec2729d136c249f2f268150852ec87bd2413331ef628fb3fe0f4c9e3e1c96d88cea2a3ce9d66eb5e128a6cd5
-
SSDEEP
98304:gMmD2mDAc2mDMmD2mDrc2mDMmD2mD65MmD2mD6c2mDMmD2mDk:gMmD2mDAc2mDMmD2mDrc2mDMmD2mD65C
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Safe Mode Boot
1Modify Registry
5