General

  • Target

    528043dff4c06d5409423beec1a7af3355c5011de6b0f6a4106bd359d28ae840N

  • Size

    132KB

  • Sample

    241107-nsvktstphn

  • MD5

    eb2ab4c4cba17142738ac70375a65e50

  • SHA1

    5408e57d2c84ef30fa5122dc855c4184fafbc51d

  • SHA256

    528043dff4c06d5409423beec1a7af3355c5011de6b0f6a4106bd359d28ae840

  • SHA512

    2dbea400ee5c91703f0ae90b7a9f6d4065691bf292d32b698c5e0666d0d4da0eedace5184984260d8c5a840a367281bccbc29af96bac4ce45ffdbf91c2875fc9

  • SSDEEP

    1536:bHFjwOqUuflO+6peVdM/d2yv6n0APB8qFE0OSqHW2PYoPPrCLaC46lxIDCwMZODP:ryOqxY+6pejzNB8A4xAo784KmMMDLHb

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
