General
-
Target
c3a2043fdfab084f1f4e3155f326e2fd3b38944943aeb81dcfb197ca4e522ae0N
-
Size
75KB
-
Sample
241014-xzpgts1hmb
-
MD5
7bd4b531ebc7621fe9f88035f5ba16c0
-
SHA1
a5644923800a7c07b8a02cbef4123fa01f13494b
-
SHA256
c3a2043fdfab084f1f4e3155f326e2fd3b38944943aeb81dcfb197ca4e522ae0
-
SHA512
9337507a85de1fc332247f5296bc1c754260f6fd5081566fba67ddc7e619028bbc2b0e8c542b67afda17f0ebd10b511e738987d1b3ac0695fdd2bdd0359d13bf
-
SSDEEP
1536:bB+IvkfMlYPPEutHwHiHoHV/NBbgzrqNldFCnDNlN1t7g7:1+Iv/Gc/NBbgzrqNldFCnDNlN1G
Static task
static1
Behavioral task
behavioral1
Sample
c3a2043fdfab084f1f4e3155f326e2fd3b38944943aeb81dcfb197ca4e522ae0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c3a2043fdfab084f1f4e3155f326e2fd3b38944943aeb81dcfb197ca4e522ae0N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c3a2043fdfab084f1f4e3155f326e2fd3b38944943aeb81dcfb197ca4e522ae0N
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)