General

  • Target

    af9b9a674c87f6f5e662e61e9741e0b0c060c839254963824db1cf5f3d5eb066N

  • Size

    107KB

  • Sample

    241110-b3x3gsxanb

  • MD5

    e4bbd14f58c9db9a9f161b1aa5247350

  • SHA1

    6d0efd03776876e34c7adf5f9e3d807a1ec7762f

  • SHA256

    af9b9a674c87f6f5e662e61e9741e0b0c060c839254963824db1cf5f3d5eb066

  • SHA512

    2f15d097a0140dc41db54b33a184a953b77bbd8f7576bb30f6dd35af837b7a4e891d9e23effcba19407702bb034c8f3c007f2c6750416277eb2c5a9eadc980c7

  • SSDEEP

    1536:2zfXIsxrhzk2nfsW3ou3yWW2dvcW6eHcBwUi6vWE0Dl27b58XBdqaMGxuA1n1:yfjxrhzk2nfsWhP7dvavi6vWEbh8X/

Targets

    • Target

      af9b9a674c87f6f5e662e61e9741e0b0c060c839254963824db1cf5f3d5eb066N

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory
