General

  • Target

    09a92583bad5a958eb5933e9d0c9e8d8dedd689ae44c4b175437c4cb3237f347

  • Size

    72KB

  • Sample

    241109-x58gwstkel

  • MD5

    6befa3d2958934bfbe2c39e6beaefc8b

  • SHA1

    49c6358e32d8b1f4ee78869ac859fc10cb08cdee

  • SHA256

    09a92583bad5a958eb5933e9d0c9e8d8dedd689ae44c4b175437c4cb3237f347

  • SHA512

    2cf9b27b18362c89fc64844e425a3043c4028438a0a63d0c4060bb9cbdefee199047ec6bbc6d52f9d38a9f11142fb7912374c6d934e39f6e8f9890be9dcdda62

  • SSDEEP

    768:j/Gw1owYOWJOaokKdDuXfLDkReXon+9Oty/N/X+YVhP5itZfP6v+XyB7:LGw1owcNfUkX28EmNfP8Sv+c7

Malware Config

Targets

    • Target

      09a92583bad5a958eb5933e9d0c9e8d8dedd689ae44c4b175437c4cb3237f347

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks