General

  • Target

    9dfd9c951f243a2b233e1c3550bb769dc516ba0b933474595383ee7ae1d2cb1eN

  • Size

    59KB

  • Sample

    241031-fjlybssjel

  • MD5

    d441db7f8d53a25cc5c6c54b973778a0

  • SHA1

    fef8d33d97a5dea872b87e4704d3f1a4da9a4c97

  • SHA256

    9dfd9c951f243a2b233e1c3550bb769dc516ba0b933474595383ee7ae1d2cb1e

  • SHA512

    92d8fd36e4a9941fcf25e20aabd31f3db7c1a4d6ec377b04bd7ec34c724585549e341022a5faa86f3655830d015dc543d01350b37719a46137fd97cbe969e47c

  • SSDEEP

    1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQT:OeodiUO4p13b9HiIeoutuh1aQT
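Before trusting any of the hashes above, a practitioner re-computes them on the file actually in hand and also checks that the sandbox target name is just the SHA-256 with an "N" suffix. The following is an added example (not code from the page or from the sandbox vendor); it hard-codes the reported values and hashes a constructed placeholder when no path is given, since the sample itself is not part of this page.

```python
import hashlib

# Hashes as reported on this page for the 59KB sample.
REPORTED = {
    "md5": "d441db7f8d53a25cc5c6c54b973778a0",
    "sha1": "fef8d33d97a5dea872b87e4704d3f1a4da9a4c97",
    "sha256": "9dfd9c951f243a2b233e1c3550bb769dc516ba0b933474595383ee7ae1d2cb1e",
    "sha512": "92d8fd36e4a9941fcf25e20aabd31f3db7c1a4d6ec377b04bd7ec34c724585549e341022a5faa86f3655830d015dc543d01350b37719a46137fd97cbe969e47c",
}
REPORTED_TARGET = "9dfd9c951f243a2b233e1c3550bb769dc516ba0b933474595383ee7ae1d2cb1eN"
ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory blob for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers in one read pass with bounded memory."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: dict, reported: dict) -> dict:
    """Per-algorithm match table; case-insensitive because feeds mix upper/lower hex."""
    return {name: actual[name].lower() == reported[name].lower() for name in ALGOS}


def target_name_matches_sha256(target: str, sha256: str) -> bool:
    """The sandbox names the target '<sha256>N'; confirm the name really encodes the SHA-256."""
    return target.endswith("N") and target[:-1].lower() == sha256.lower()


if __name__ == "__main__":
    import sys

    # Constructed placeholder bytes, NOT the sample: every line below will say MISMATCH.
    actual = digest_file(sys.argv[1]) if len(sys.argv) > 1 else digest_bytes(b"constructed placeholder, not the sample")
    for name, ok in compare(actual, REPORTED).items():
        print(f"{name:6} {'match' if ok else 'MISMATCH'}  {actual[name]}")
    print("target name encodes reported SHA-256:", target_name_matches_sha256(REPORTED_TARGET, REPORTED["sha256"]))
```

Run it as `python verify.py <file>` to compare a local copy against the report. The SSDEEP fuzzy hash is not in the standard library; reproducing that line needs the ssdeep bindings (or a pure-Python port), and a fuzzy hash is compared by similarity score, not for equality.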

Targets

    • Target

      9dfd9c951f243a2b233e1c3550bb769dc516ba0b933474595383ee7ae1d2cb1eN

    • Checks computer location settings

      Reads the country code configured in the registry, most likely to geofence execution to (or away from) particular countries.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX build.

MITRE ATT&CK Enterprise v15 (framework version used for the technique mapping in the signatures above)