General
-
Target
4ea43960b4d05cfbd0a934e705bfdc6bcfe6f0ee13f5af8810d6bdde1b797a30N
-
Size
1.2MB
-
Sample
241015-hn656svcrn
-
MD5
9f606fcccb1d5547349c11d9a4d60400
-
SHA1
36dce844779abd3dc8c26f3cf3f9e9161188d2cb
-
SHA256
4ea43960b4d05cfbd0a934e705bfdc6bcfe6f0ee13f5af8810d6bdde1b797a30
-
SHA512
58a42ba8744ae41c8e3f19528ab25e0c4a1069ea9fc7e5fecf4b5ece08a709303b1346953de80a672ce3d6a95ce4e53ec25037a8449677898c032dd3834b839b
-
SSDEEP
24576:l7sRFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0Eu:l7EU8cU0cU8cU0cU8cU0cU8cU0cU8cUU
Malware Config
Targets
-
-
Target
4ea43960b4d05cfbd0a934e705bfdc6bcfe6f0ee13f5af8810d6bdde1b797a30N
-
Size
1.2MB
-
MD5
9f606fcccb1d5547349c11d9a4d60400
-
SHA1
36dce844779abd3dc8c26f3cf3f9e9161188d2cb
-
SHA256
4ea43960b4d05cfbd0a934e705bfdc6bcfe6f0ee13f5af8810d6bdde1b797a30
-
SHA512
58a42ba8744ae41c8e3f19528ab25e0c4a1069ea9fc7e5fecf4b5ece08a709303b1346953de80a672ce3d6a95ce4e53ec25037a8449677898c032dd3834b839b
-
SSDEEP
24576:l7sRFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0ERFy8ERFy0Eu:l7EU8cU0cU8cU0cU8cU0cU8cU0cU8cUU
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Safe Mode Boot
1Modify Registry
5