General

  • Target

    264081866b73b8832d70b0bebf9069adfba14e804710bc6b5bc9d256e9160eb2N

  • Size

    66KB

  • Sample

    241031-gw454stjhq

  • MD5

    6e28070471bb3b05a99728c2c41a4e80

  • SHA1

    01077ae8b5227aaf878cfc1956c87baa441bcadc

  • SHA256

    264081866b73b8832d70b0bebf9069adfba14e804710bc6b5bc9d256e9160eb2

  • SHA512

    665bf0051477c7f6ea48fef6ea905fb58d40b489be07d7837bbfc76f801754b3458f03aa164c71113d0290c47a9b230557bb2a549d4b089985b3dd21f18c0aaa

  • SSDEEP

    768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyXmh:Zr3Z5IfQIR81ad5yXmh

Targets

    • Target

      264081866b73b8832d70b0bebf9069adfba14e804710bc6b5bc9d256e9160eb2N

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
