General

  • Target

    f9e2fbc5b8c41b45412b0cd4b8e762d850831a1e4931567691def69a98c257cfN

  • Size

    55KB

  • Sample

    241031-c653yawpcw

  • MD5

    48ff6c57d2e916036b40d137b227a9a0

  • SHA1

    4c31b5082e06afea0afe666f2e85bd5cf25bd14e

  • SHA256

    f9e2fbc5b8c41b45412b0cd4b8e762d850831a1e4931567691def69a98c257cf

  • SHA512

    9e2dd565ac011b612e797f2bd00b7a25aa1ca16f8cfed23b3b46a7e22358f3f3fa910fec2e34a2d7fa85f056104ce97bc4cfcc7ee13e683cc685c3683962556b

  • SSDEEP

    1536:KhBZ1b9c409y1G1i35Bo01i/gcU8eVTOK/YqjYYamvbtb:GZl2zoxV1i/NU82OMYcYYamv5b

Malware Config

Targets

    • Target

      f9e2fbc5b8c41b45412b0cd4b8e762d850831a1e4931567691def69a98c257cfN

    • Size

      55KB

    • MD5

      48ff6c57d2e916036b40d137b227a9a0

    • SHA1

      4c31b5082e06afea0afe666f2e85bd5cf25bd14e

    • SHA256

      f9e2fbc5b8c41b45412b0cd4b8e762d850831a1e4931567691def69a98c257cf

    • SHA512

      9e2dd565ac011b612e797f2bd00b7a25aa1ca16f8cfed23b3b46a7e22358f3f3fa910fec2e34a2d7fa85f056104ce97bc4cfcc7ee13e683cc685c3683962556b

    • SSDEEP

      1536:KhBZ1b9c409y1G1i35Bo01i/gcU8eVTOK/YqjYYamvbtb:GZl2zoxV1i/NU82OMYcYYamv5b

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks