General
-
Target
41cec026ceea0d0c30c000ed06e6fcb70fa453028c89e4f8d9660ee5a799f380N
-
Size
398KB
-
Sample
241023-t6flqazfqa
-
MD5
7adcc540704242a9785bacd4ee5d51f0
-
SHA1
79db8040b844aa2c59a8941c6493424bfcb20399
-
SHA256
41cec026ceea0d0c30c000ed06e6fcb70fa453028c89e4f8d9660ee5a799f380
-
SHA512
6f609e4246e8c26b31b5de3b1575952724f7a8b6f7eacb610fea5c66d288cec511ab70c20bc50c268db163b1b7159694907f3356b38e04ee23b20d9874f9074f
-
SSDEEP
6144:gDCwfG1bnxLERR9sadDCwfG1bnxLERR9saco:g72bntEL9/d72bntEL9/co
Malware Config
Targets
-
-
Target
41cec026ceea0d0c30c000ed06e6fcb70fa453028c89e4f8d9660ee5a799f380N
-
Size
398KB
-
MD5
7adcc540704242a9785bacd4ee5d51f0
-
SHA1
79db8040b844aa2c59a8941c6493424bfcb20399
-
SHA256
41cec026ceea0d0c30c000ed06e6fcb70fa453028c89e4f8d9660ee5a799f380
-
SHA512
6f609e4246e8c26b31b5de3b1575952724f7a8b6f7eacb610fea5c66d288cec511ab70c20bc50c268db163b1b7159694907f3356b38e04ee23b20d9874f9074f
-
SSDEEP
6144:gDCwfG1bnxLERR9sadDCwfG1bnxLERR9saco:g72bntEL9/d72bntEL9/co
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Safe Mode Boot
1Modify Registry
5