General

  • Target

    ad782a33f1fe98a5a5d75bd19e8a3b5e699e20932af5972e75634951670ca90a

  • Size

    94KB

  • Sample

    241110-b3crjszkdm

  • MD5

    d978e4ca064ce01f293e62f827ae425a

  • SHA1

    295e04b231f2a37bdec90b2d6e9a2436c3b9ac97

  • SHA256

    ad782a33f1fe98a5a5d75bd19e8a3b5e699e20932af5972e75634951670ca90a

  • SHA512

    d5a84924ed4eb210da275172696f8085ce509a88ff554b3faa84d21ff46d8310c1d6045417964affac9ae988f13e97c91e1c352fde655dc744033d1953e5d3b6

  • SSDEEP

    1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7P:PfU/WF6QMauSuiWNi9CO+WARJrWNZx

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks