General

  • Target

    24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338

  • Size

    1.7MB

  • Sample

    241103-zjjmratglh

  • MD5

    15064527753763619d3781b780ded930

  • SHA1

    26d03ea8ced5a9fceb3260cf9e71bf1f08768c8b

  • SHA256

    24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338

  • SHA512

    626a700ab6fc50be15b59e63a5114c100d5b95a6531f24ada010a70f9438f2c769df336980e58bfb4b799e484ec9b897555bc31be3a10fc3b9b356be0452f5de

  • SSDEEP

    49152:qJfJlyMrgsK4Dg2JYYZqNi/3nXeHgUAozs1:qJBlVg2J9SOntVn

Score
8/10

Targets

    • Target

      24a23986595cddd1f5ece2a39b39349a0d7101dd98c69b000b54432a3bb9e338

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
