General

  • Target

    8a239f2ba50d59aaeffbeae7583e04a3c53633b994f0964f8db88b5923e5f4eeN

  • Size

    135KB

  • Sample

    241030-nln5gasfnp

  • MD5

    e76fd9d78d6afa778a460a28576d7b90

  • SHA1

    f5edb962431b5145c997e7af9e2794323c82ae82

  • SHA256

    8a239f2ba50d59aaeffbeae7583e04a3c53633b994f0964f8db88b5923e5f4ee

  • SHA512

    ef2c48d2be87a1ecfb2ae321220fcbcb9895d0ba76cf547728b4065f017a3b792fa3689b4cdd149a7240500016a578f825596d4ce92c107c85e98a15c9f3abb2

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOR:YfU/WF6QMauSuiWNi9eNOl0007NZIOR

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
