General

  • Target

    f0a23ef6953dcfc363d0b7f6b7709e98371482ba73bb0412f231be76d3168424

  • Size

    220KB

  • Sample

    241109-fwbywsycjf

  • MD5

    d9f832c6683f96fb9b7b516c723b3a68

  • SHA1

    a995b58220dea8fe63c1db5e011cdf9ac12591d3

  • SHA256

    f0a23ef6953dcfc363d0b7f6b7709e98371482ba73bb0412f231be76d3168424

  • SHA512

    b615d7d1f0c2ddfa2ca1f09a02ee218b4fc78ccbfd8902bc84e4471aa2f4945482157a6b3f913a735033d74600b41620fda69991f225a5b210228056deb7c576

  • SSDEEP

    6144:vTWWHn3oBlwEL2wKnvmb7/D26OzRnH/QUw3LsFItNkVFZmJuFxCYN:vTrn3oBlwyKnvmb7/D26itwbsFgNk0JK

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks