General
-
Target
5de43b55f3c04b94136569aedbfc19c5b883e3f06daf5cfcd2b8472085c3623cN
-
Size
111KB
-
Sample
241018-hzs3pawgln
-
MD5
8bc9ce0a1cb700a7c03dc21559e9ebe0
-
SHA1
87276fb1f2aa32fd57a9fcd6903025067981eb8f
-
SHA256
5de43b55f3c04b94136569aedbfc19c5b883e3f06daf5cfcd2b8472085c3623c
-
SHA512
53a03d0f409ed816d29c50c83802c7adcc5f26fefd7ec1c45e3c694fde550df5df8eb91968d5d09fcb5cd01d8a944c730a50c3fe2531468b1bfcf2bfbdd2183d
-
SSDEEP
768:sduwfCc7vle4JlNN6MMkkLhP34DGltCJWx+7AppL4zG4dslM8lP+wgG0SXdkUr93:sdFDLlSMMkkLdlN+aLHM8WSXjys
Malware Config
Targets
-
-
Target
5de43b55f3c04b94136569aedbfc19c5b883e3f06daf5cfcd2b8472085c3623cN
-
Size
111KB
-
MD5
8bc9ce0a1cb700a7c03dc21559e9ebe0
-
SHA1
87276fb1f2aa32fd57a9fcd6903025067981eb8f
-
SHA256
5de43b55f3c04b94136569aedbfc19c5b883e3f06daf5cfcd2b8472085c3623c
-
SHA512
53a03d0f409ed816d29c50c83802c7adcc5f26fefd7ec1c45e3c694fde550df5df8eb91968d5d09fcb5cd01d8a944c730a50c3fe2531468b1bfcf2bfbdd2183d
-
SSDEEP
768:sduwfCc7vle4JlNN6MMkkLhP34DGltCJWx+7AppL4zG4dslM8lP+wgG0SXdkUr93:sdFDLlSMMkkLdlN+aLHM8WSXjys
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2