General

  • Target

    6d6978924d5a1d66c0feca4d0ada81d9cb3b9bec3184555e3f5e1ae562782395

  • Size

    135KB

  • Sample

    241031-ay45kawpfp

  • MD5

    b296376360576d30fdd75756a5b532ed

  • SHA1

    5f59e660653658abe43a05b98a632a22fa28559b

  • SHA256

    6d6978924d5a1d66c0feca4d0ada81d9cb3b9bec3184555e3f5e1ae562782395

  • SHA512

    df93e06befaa7d9bdd916e60185096ce4544319de7cb3e8d71c257d3d54f3240b72e7ecf6a31d66b2cb3afbe38ddf297ad2402c2badefd6ae9e8192a9ca8c9ee

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOO:YfU/WF6QMauSuiWNi9eNOl0007NZIOO

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks