General

  • Target

    021faa58c01049f9cc532660eee76b2a2657f6c51d3c47ae08eb6f23856ae5fdN

  • Size

    59KB

  • Sample

    241110-cd19aawmhv

  • MD5

    f86f167945e5e2447a61b85dd5009340

  • SHA1

    0ecbb96ca4a36a235aa2c356446fc85f9dba13d7

  • SHA256

    021faa58c01049f9cc532660eee76b2a2657f6c51d3c47ae08eb6f23856ae5fd

  • SHA512

    4fc90862687593522a74cce45c3ee483846396eba67c8a108d12eb6465d02b095f9074737f452a20538ec19b06a768b7da4d7bb8137d1f4354098b91a9fb2f10

  • SSDEEP

    1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQh:OeodiUO4p13b9HiIeoutuh1aQh

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks