General

  • Target

    bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805cN

  • Size

    3.9MB

  • Sample

    241103-jxq1zszbnl

  • MD5

    5adb2a353e5d54d267e084de41f63310

  • SHA1

    59b62e1159bdc14a58eecff61d4045b634a51374

  • SHA256

    bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805c

  • SHA512

    453b5c61247a0d01d0bf3108532691a6534611460a4ca6483d73e2391b17d1491e342e0f6544b566de526cf6226de6838a133f9788bef3b034b66f89807e71a6

  • SSDEEP

    98304:wxhtYrUqNd6Px5RrtcZmZYZT/UHZxUSa1xJKA:wJEUqNd6Px5RRcsYZT/yv7A

Score
8/10

Malware Config

Targets

    • Target

      bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805cN

    • Size

      3.9MB

    • MD5

      5adb2a353e5d54d267e084de41f63310

    • SHA1

      59b62e1159bdc14a58eecff61d4045b634a51374

    • SHA256

      bcf735aa4788ed01a8c0b2f3b71bdccfcfa1f7965d772c82197cc32fb8f7805c

    • SHA512

      453b5c61247a0d01d0bf3108532691a6534611460a4ca6483d73e2391b17d1491e342e0f6544b566de526cf6226de6838a133f9788bef3b034b66f89807e71a6

    • SSDEEP

      98304:wxhtYrUqNd6Px5RrtcZmZYZT/UHZxUSa1xJKA:wJEUqNd6Px5RRcsYZT/yv7A

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
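The Defender-exclusion behaviour flagged above is one of the few signatures here that leaves a clean host-side trace: the cmdlet and its arguments end up in PowerShell script-block logs (Event ID 4104). The following is an added detection example, not code from the sandbox or from this sample; the sample's actual command lines are not shown on this report, so the script-block lines below are constructed. It matches `Add-MpPreference` / `Set-MpPreference` calls carrying `-ExclusionPath`, `-ExclusionExtension` or `-ExclusionProcess`, and also unwraps `-EncodedCommand` payloads so the same call hidden as base64 UTF-16LE is still caught.

```python
"""Flag Windows Defender exclusion tampering in PowerShell script-block text.

Added example, not part of the sandbox report. The input lines are
constructed to resemble the ScriptBlockText field of Event ID 4104 records.
"""
import base64
import re

# Cmdlets that change Defender preferences and the parameters that add exclusions.
MP_CMDLETS = ("Add-MpPreference", "Set-MpPreference")
EXCLUSION_PARAMS = ("ExclusionPath", "ExclusionExtension", "ExclusionProcess")

# Parameter followed by a quoted value or a bare token (commas allowed for lists).
_PARAM_RE = re.compile(
    r"-(ExclusionPath|ExclusionExtension|ExclusionProcess)\s+"
    r"(?P<val>\"[^\"]*\"|'[^']*'|[^\s;|]+)",
    re.IGNORECASE,
)
# powershell.exe -e / -ec / -enc / -EncodedCommand <base64 of UTF-16LE script>
_ENC_RE = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE)


def decode_encoded_command(text: str) -> str:
    """Append the decoded form of any -EncodedCommand payload to the text.

    Later matching then sees the real cmdlet; payloads that are not valid
    base64 or not UTF-16LE are left alone rather than raising.
    """
    decoded = []
    for m in _ENC_RE.finditer(text):
        try:
            decoded.append(base64.b64decode(m.group(1), validate=True).decode("utf-16-le"))
        except (ValueError, UnicodeDecodeError):
            continue
    return text + "\n" + "\n".join(decoded) if decoded else text


def find_defender_exclusions(script_text: str) -> list[dict]:
    """Return one finding per exclusion value passed to Add-/Set-MpPreference."""
    findings = []
    for line in decode_encoded_command(script_text).splitlines():
        lowered = line.lower()
        if not any(c.lower() in lowered for c in MP_CMDLETS):
            continue  # Get-MpPreference and unrelated cmdlets do not fire
        for m in _PARAM_RE.finditer(line):
            param = next(p for p in EXCLUSION_PARAMS if p.lower() == m.group(1).lower())
            raw = m.group("val")
            # A quoted value is one entry; a bare token may be a comma-separated list.
            values = [raw.strip("\"'")] if raw[0] in "\"'" else raw.split(",")
            for value in values:
                findings.append({"param": param, "value": value, "line": line.strip()})
    return findings


def scan_script_blocks(blocks: list[str]) -> list[dict]:
    """Run the detector over a batch of script-block texts."""
    results = []
    for block in blocks:
        results.extend(find_defender_exclusions(block))
    return results


# Constructed script-block texts (not taken from the sample under analysis).
SAMPLE_SCRIPT_BLOCKS = [
    # Plain tampering: a path, an extension and a process excluded in one call.
    'Add-MpPreference -ExclusionPath "C:\\Users\\Public\\Libraries" '
    '-ExclusionExtension exe -ExclusionProcess "svchost.exe"',
    # Benign administrative query that must not fire.
    "Get-MpPreference | Select-Object -ExpandProperty ExclusionPath",
    # The same tampering hidden behind -EncodedCommand (hypothetical process name).
    "powershell.exe -nop -w hidden -EncodedCommand "
    + base64.b64encode('Set-MpPreference -ExclusionProcess "updater.exe"'.encode("utf-16-le")).decode(),
]

if __name__ == "__main__":
    for f in scan_script_blocks(SAMPLE_SCRIPT_BLOCKS):
        print(f"{f['param']:<18} {f['value']:<30} <- {f['line'][:60]}")
```

On a live host the same check can be made directly with `Get-MpPreference` (ExclusionPath, ExclusionExtension, ExclusionProcess), but the log-based form above is what lets you confirm the tampering after the sample has deleted itself, as the "Deletes itself" signature indicates it does.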

MITRE ATT&CK Enterprise v15

Tasks