General

  • Target: server.exe
  • Size: 308KB
  • Sample: 241109-1ajf3asfla
  • MD5: 5934ecb8906e4ce1f1b93a6b1c5dc0d5
  • SHA1: 156767a77314fc5b83e36f58f9d6edd5941c980f
  • SHA256: 4da81e9833ac6bf903148b75d76b0c26d50f48b7fa4c043da88f3ecb12699c64
  • SHA512: 1b02177a627570065239688e70fea92cba84fdd699db054e7097640047a2a316e086b2e9816617b295a103f2e5d19acff826fc25925b70555030316014c9e6fc
  • SSDEEP: 6144:X514GXdVqjtyg17wcyJB9Dv/yoaQQEDinsbTzg7mcEOiTCMvUkrUbOV+P1zj:X5eGXdMxyg1kcy1pDisbg7m3OiTCMvYf

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks