General

  • Target

    ec7ba5d18a4cc20171369ee9720e2c3198172a23b0d098234ac3f7fa4072a54eN

  • Size

    42KB

  • Sample

    241031-fwz1qaslaj

  • MD5

    f2128fe384c2b474aa6c6656b967c250

  • SHA1

    c1bff657915f937b70c71348f64494a3791bc7eb

  • SHA256

    ec7ba5d18a4cc20171369ee9720e2c3198172a23b0d098234ac3f7fa4072a54e

  • SHA512

    39b711228c7e2d4bcbc08345277f0003410fd71463a46e1367de4dd4eef2c3c3c29712a0dd2cba928a00ab27eeaea474b49a4fbc31cb6f870a0b4b0d8a9b6640

  • SSDEEP

    384:gstrVTkkymwQPOMx/PLcbSYOfUXiURFLmjoiIRxSXZHno8wJ+T3ivTVD9iDn8U:gcTkkrwLA6lvXiURdmPt5wcSvJD9iX

Malware Config

Targets

    • Target

      ec7ba5d18a4cc20171369ee9720e2c3198172a23b0d098234ac3f7fa4072a54eN

    • Size

      42KB

    • MD5

      f2128fe384c2b474aa6c6656b967c250

    • SHA1

      c1bff657915f937b70c71348f64494a3791bc7eb

    • SHA256

      ec7ba5d18a4cc20171369ee9720e2c3198172a23b0d098234ac3f7fa4072a54e

    • SHA512

      39b711228c7e2d4bcbc08345277f0003410fd71463a46e1367de4dd4eef2c3c3c29712a0dd2cba928a00ab27eeaea474b49a4fbc31cb6f870a0b4b0d8a9b6640

    • SSDEEP

      384:gstrVTkkymwQPOMx/PLcbSYOfUXiURFLmjoiIRxSXZHno8wJ+T3ivTVD9iDn8U:gcTkkrwLA6lvXiURdmPt5wcSvJD9iX

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks