General

  • Target

    c0c3788eebe80a77388868be34212785fc469e9f2efa3d388f717fc4bbbbd4b9N

  • Size

    232KB

  • Sample

    241031-g2ahpasbre

  • MD5

    68e52867d0989424bbf8dd3edc12c000

  • SHA1

    8cc790c8a11b747849e112c0cb249b0b0ddbce37

  • SHA256

    c0c3788eebe80a77388868be34212785fc469e9f2efa3d388f717fc4bbbbd4b9

  • SHA512

    bd61c25a93346935c1665cd817412b8abae8bfe09acd70efbe2b221508d393bcffb6d38d5dfbe1b4c4e8b6dec4368e1ed3dbe50b1f83625cb259dd99533c0ae5

  • SSDEEP

    3072:hI1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgO5s1i/NU82OMYcYYamv5b:ki/NjO5YBgegD0PHzSni/N+O7

Targets

    • Target

      c0c3788eebe80a77388868be34212785fc469e9f2efa3d388f717fc4bbbbd4b9N

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

    • UPX packed file

      Detects executables packed with the UPX or modified-UPX open-source packer.

MITRE ATT&CK Enterprise v15