General

  • Target

    9a64aeea1f2fc2a1811b3598b4e2c166d69bd044663d81b70be196b37c5b0082N

  • Size

    59KB

  • Sample

    241031-dfznxaycpp

  • MD5

    f07609d1a6f7fa4ba49a665f263bfcb0

  • SHA1

    71003abc78404a765d2c80800ba471fc7c3565d0

  • SHA256

    9a64aeea1f2fc2a1811b3598b4e2c166d69bd044663d81b70be196b37c5b0082

  • SHA512

    d62b81db5f4314efe9879efa05d5345f42d38ef603321b8020e90489cb225e82696ecf40dc53c0b471356c113e2d14e1edac3fde941931f8cc61997fe551a2ac

  • SSDEEP

    1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQH:OeodiUO4p13b9HiIeoutuh1aQH

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks