General
-
Target
a2c8cecd44b208d3d1ceb26855fb375d5e04309931486463782e38c6ef1ea358
-
Size
200KB
-
Sample
241101-wybc5ssjg1
-
MD5
88e999ecc8ae895c1aeec91c3c73cdc4
-
SHA1
66f70e66d569ec289f5090a6fa9c385c24c76cbc
-
SHA256
a2c8cecd44b208d3d1ceb26855fb375d5e04309931486463782e38c6ef1ea358
-
SHA512
482a93ed6f5f7a16bbc460125e6a9ec56326af1b8303e83ebefa905a358ede7c6654f5dfc05b4fb8d564b691a679cade160f13edb0ebc3a6630fe97ffafb2e41
-
SSDEEP
6144:W8A7Knvmb7/D26rfo9Am26fBXMZ8R3FXjrCTYTQdq4qJUGQBSpYCbw6I:jA7Knvmb7/D26zZ8R3FXjrC8T8q4qJgP
Static task
static1
Behavioral task
behavioral1
Sample
a2c8cecd44b208d3d1ceb26855fb375d5e04309931486463782e38c6ef1ea358.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a2c8cecd44b208d3d1ceb26855fb375d5e04309931486463782e38c6ef1ea358.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2