General

  • Target

    f66a72153ccd751af1cf93fc9e38d120cfb24a78a3463f1ea9d9b4a534175fa4

  • Size

    196KB

  • Sample

    241031-ar6ptatlez

  • MD5

    393906cecb425fe5846caed8ff699cf6

  • SHA1

    b5c0609e0ae200bd1b629b6d78317af05ea07476

  • SHA256

    f66a72153ccd751af1cf93fc9e38d120cfb24a78a3463f1ea9d9b4a534175fa4

  • SHA512

    9fce9e4e7037fb9d991bb1323555ba9488fb92fd7d3007ca57fe8ea105a1ccecf665f0d64932b2858a81f649ba938fea850325f57cc2158033582b9614094fbe

  • SSDEEP

    6144:rBs27MMLyX5HXXXDTXXXOGqIII+pXXX5AYjKXXXDoXXXG6XXXxXXXLIIIEAkOCO5:rK20HXXX/XXXFqIIIcXXX5j2XXXcXXX8

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15