General

  • Target

    07f17e725b4b759de3388d955e90e321316efacddd2e13c6aa03592112175941

  • Size

    260KB

  • Sample

    241109-x21b4szkgv

  • MD5

    aad6a69b166533e47bae5a48243cb87b

  • SHA1

    6ecc5bcaf48eed6012866f3b60786afb36d8ef31

  • SHA256

    07f17e725b4b759de3388d955e90e321316efacddd2e13c6aa03592112175941

  • SHA512

    f50c534d41da16ba22b9a857dd31769d462cdfa13b93f22c3d072306754f78ba26caff23a96ea0a25b1652d10127165c28b0bd4bdd8d85905584f9bbdbe2b54c

  • SSDEEP

    3072:WgfAlNYbvh25n/kZoSUjMqXnpWAkpAmTSrMaIOYt/jo7LAtPhjjtZnfHFEoWBfGs:WdpgTSrMaIl/jcLijfHFEHWzXvjT85R

Targets

    • Target

      07f17e725b4b759de3388d955e90e321316efacddd2e13c6aa03592112175941

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
