General

  • Target

    61da4fabf0eb439c5efab4639a8c9bfcc856a5f2e67f82e2b9f45fb96a28787fN

  • Size

    169KB

  • Sample

    241111-p7q2maymbz

  • MD5

    7efff8478924b36d94efcbdbbfeeeef0

  • SHA1

    3d75a0988d0ccbd3add2f4764a5d9e87ad4da971

  • SHA256

    61da4fabf0eb439c5efab4639a8c9bfcc856a5f2e67f82e2b9f45fb96a28787f

  • SHA512

    37484fc6dfb145fc63ba9458c9f2a741d8fc235da09e0541cf85ac5eb49bbd619339e5393dd3a5bc67548268f32b829e5bac12f0475087e82ff6d6f4e1dc0924

  • SSDEEP

    3072:s4tWMJJh6fryYP/AarTHlOTnv3phI3QoZLKe8S:scWMJJhqryYP/AarTFOTv3phIAmR1

Malware Config

Targets

    • Target

      61da4fabf0eb439c5efab4639a8c9bfcc856a5f2e67f82e2b9f45fb96a28787fN

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Network Share Discovery

      Attempts to gather information on the host network.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks